LAUSR

Password-based authentication is the first line of defense of most information systems. Password security concerns the security of the whole information system. Therefore, administrators will formulate corresponding password strategies to help users improve the security and usability of passwords. Several common password composition strategies are analyzed. Aiming at the problem that traditional password strategies cannot take security and usability into account, a new password generation strategy based on mnemonic shape, Alphapwd, is proposed. Alphapwd combines the order of writing strokes of letters with password generation to help users create safe and memorable passwords. The designed experiment compares the security of Alphapwd-based passwords with three leaked password sets. The result shows that Alphapwd-based password is generally stronger than real password sets in resisting unknown attacks. In addition, by analyzing the passwords generated by Alphapwd and KbCg (Keyboard Change), SpIns (Special Character Insertion), it can be found that the security of Alphapwd password is better than that of KbCg mnemonic password, and Alphapwd password is easier to remember than SpIns mnemonic password.