Asserting password crackers ability to target Swedish passwords : An analysis

Sammanfattning: In today's digital world, passwords are the keys that unlock our online lives, keeping our social media, financial accounts, and streaming services secure. Unfortunately, this makes password information a prime target for hackers, who can gain access to our entire digital existence. One significant vulnerability is that an individual's language and cultural background often influence password creation. This master's thesis explores the realm of password security by examining the ability of popular password cracking and mangling tools to target passwords created by Swedish speakers. The study compares attacks on passwords created by Swedish speakers to those created by international users. The tools under scrutiny include Probabilistic Context Free Grammar (PCFG), Ordered Markov Enumerator (OMEN), Odinn, and Hashcat. The study also examines a method for measuring the quality of the tools' password guesses. The findings revealed a noteworthy trend: all the tools demonstrated better performance when attacking passwords created by Swedish speakers compared to their international counterparts. PCFG, in particular, was nearly twice as effective against Swedish passwords after just 10,000 guesses, while OMEN outperformed significantly against Swedish targets after 1-5 million guesses. The quality measurements, gauged by the percentage of cracked passwords after specific guess increments of 10,000, 1-5 million, and 1 billion were used to evaluate the effectiveness of the tools. This research highlights the nuanced dynamics of password security, emphasizing the impact of linguistic and cultural factors on the vulnerability of passwords.