On Semantic Patterns of Passwords and their Security Impact presented at NDSS 2014

by Julie Thorpe, Rafael Veras, Christopher Collins,

Summary : We present the first framework for segmentation, semantic classification and generalization of passwords and demonstrate how probabilistic grammars encoding the semantics of password samples can lead to better cracking results than the state-of-the-art method. In sessions of 3 billion guesses, we guess approximately 67% more passwords from the LinkedIn leak and 32% more passwords from the MySpace leak.