The weak password problem: chaos, criticality, and encrypted p-CAPTCHAs
Source: Cornell University
Vulnerabilities related to weak passwords are a pressing global economic and security issue. The authors report a novel, simple, and effective approach to address the weak password problem. Building upon chaotic dynamics, criticality at phase transitions, CAPTCHA recognition, and computational round-off errors they design an algorithm that strengthens security of passwords. The core idea of the method is to split a long and secure password into two components. The first component is memorized by the user. The second component is transformed into a CAPTCHA image and then protected using evolution of a two-dimensional dynamical system close to a phase transition, in such a way that standard brute-force attacks become ineffective.