Evaluation of Leet Speak on Password Strength and Security

Authors

  • Medhansh Garg  American Embassy School, New Delhi, India

DOI:

https://doi.org/10.32628/IJSRST229567

Keywords:

Cyber Security, Password, Password Strength, Leet, Leet Speak

Abstract

Making secure passwords is one of the biggest challenges in everyday life. There are numerous rules and requirements making passwords complex and hard to remember, and keeping track of which password is for which account is a major hassle. According to an article from HelpNetSecurity, statistics show that an alarming “78% of respondents required a password reset in their personal life within the last 90 days” ("78% of people"). In recent years, leet speak has become increasingly popular as a way to create memorable passwords. Leet speak is a convenient method for users to create passwords that meet password requirements in many services. But there has been increasing debate on whether this approach is a secure and safe method or not. This paper aims to solve this debate by effectively evaluating the strength of ordinary passwords and leet passwords using various means. With the help of password cracking or recovery tools and password strength classifiers, this paper will compare the cracking time and strength scores of ordinary passwords and leet converted passwords. The paper will begin with a background information section explaining important concepts discussed in the paper, followed by the methodology of the experiment, a presentation of the data along with the evaluation of the results, and a conclusion at the end.

References

  1. "Brute Force Attack: Definition and Examples." kaspersky, www.kaspersky.com/resource-center/definitions/brute-force-attack. "Bulletin board system." Wikipedia, en.wikipedia.org/wiki/Bulletin_board_system. Craenen, Roald. "L33T SP34K CH34T SH33T." GameHouse,
  2. www.gamehouse.com/blog/leet-speak-cheat-sheet/.
  3. Hashcat. Hashcat, hashcat.net/hashcat/.
  4. Hunt, Troy. "Who, what & why." Have I Been Pwned, haveibeenpwned.com/About. "Is it Safe to Use Random Password Generators?" Best Reviews, password-managers.bestreviews.net/faq/is-it-safe-to-use-random-password-generators/.
  5. Jung, Jason. "What is Password Hashing and Salting?" Okta, 7 May 2021, www.okta.com/uk/blog/2019/03/what-are-salted-passwords-and-password-hashing/.
  6. Miessler, Daniel. "10-million-password-list-top-1000000.txt." text file. "Password." Wikipedia, en.wikipedia.org/wiki/Password. Accessed 21 July 2022. Schneier, Bruce. "Choosing Secure Passwords." Schneier on Security, 3 Mar. 2014,
  7. www.schneier.com/blog/archives/2014/03/choosing_secure_1.html.
  8. "78% of people forgot a password in the past 90 days." Help Net Security, 11 Dec. 2019, www.helpnetsecurity.com/2019/12/11/forgot-password/. Accessed 1 Aug. 2022.
  9. Szczepanek, Anna. "Password Entropy Calculator." Omni Calculator, 13 Apr. 2022, www.omnicalculator.com/other/password-entropy.
  10. TechTarget Contributor. "leet speak (leet)." WhatIs, Aug. 2016, www.techtarget.com/whatis/definition/leet-speak-leet-leetspeak-leetspeek-or-hakspeak. Accessed 1 Aug. 2022.
  11. Zxcvbn. Version v4.4.2. Github, 7 Feb. 2017, github.com/dropbox/zxcvbn.

International Journal of Scientific Research in Science and Technology

Downloads

Published

2022-10-30

Issue

Volume 9, Issue 5, September-October-2022

Section

Research Articles

License

Copyright (c) IJSRST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Medhansh Garg "Evaluation of Leet Speak on Password Strength and Security" International Journal of Scientific Research in Science and Technology(IJSRST), Online ISSN : 2395-602X, Print ISSN : 2395-6011,Volume 9, Issue 5, pp.410-422, September-October-2022. Available at doi : https://doi.org/10.32628/IJSRST229567