Password policy simulation and analysis
Abstract
Passwords are an ubiquitous and critical component of many security systems. As the information and access guarded by passwords become more necessary, we become ever more dependent upon the security passwords provide. The creation and management of passwords is crucial, and for this we must develop and deploy password policies. This paper focuses on defining and modeling password policies for the entire password policy lifecycle. The paper first discusses a language for specifying password policies. Then, a simulation model is presented with a comprehensive set of variables and the algorithm for simulating a password policy and its impact. Finally, the paper presents several simulation results using the password policy simulation tool.
Keywords
simulation, security and protection, computing milieux
Date of this Version
2007
Comments
Proceeding DIM '07 Proceedings of the 2007, ACM workshop on Digital
identity management