Eestikeelsete paroolide mustrite uurimine ja ründesõnatiku koostamine

Abstract

People use a variety of passwords for authentication on a daily basis, hence it is crucial to gain more insight into them. The aim of this study is to investigate the password creation habits and patterns of Estonian-speaking users. This thesis provides recommendations for avoiding predictable passwords and strengthening security practices. Passwords of Estonian users that had leaked online were collected, and a survey was conducted to map out people’s password creation habits. To implement the findings, a website was developed where one can test whether a password can be found in a sample attack dictionary that has approximately 50 million entries. The compiled attack dictionary has a total volume of over 50 GB. This can be used in security testing to identify vulnerable passwords and patterns. The written part introduces the survey research, web application, and the process of compiling the Estonian attack dictionary and the analysis results.