Scenario: A computer system allows a user to choose a password with a length of one to eight characters. A system administrator needs to figure out how long a user’s password should expire.
Assume that 1 million passwords can be tested per second by a hacker. The hacker can guess a user’s password 24 hours a day and 7 days a week. A password should be expired if it has an equal or greater than 10% probability of having been guessed. Given each of the following condition, determine the time (in measurement of days) users’ passwords should be expired.
Probability of having been guessed = total number of guess/total possible combinations.
You may Excel’s Power function to calculate mn. Make sure that you show your steps for partial credit.
Answer:
Let it be for all instances
A = the number of alphabet characters.
R = the guessing rate, 104 scaled to the required unit of time.
N = Number of total passwords
T = the time to achieve the expected probability of having a broken password
then
(R x T) / N = 0.10 The probability of the total number of guesses over the total number of passwords is 1/10
T = N/(10R)
This is the total number of passwords
N= S-1 = 80iiccc - 119
Answer a.
a = 127 and T= 6.82x1011 seconds = 21,629 years
Answer b.
A= 62 seconds so T= 2.2x109 seconds = 70 years
Answer c.
A= 10 then T= 1,111 seconds= 18 minutes
Get Answers For Free
Most questions answered within 1 hours.