Making more extensive and efficient typo-tolerant password checkers

Résumé

As passwords remain the main online authentication method, focus has shifted from naive entropy to how usability improvements can increase security. Chatterjee et al. recently introduced the first two typo-tolerant password checkers, their second being usable in practice while being able to correct up to 32% of typos, with no real security cost. We propose an alternative framework which corrects up to 57% of typos without affecting user experience, at no computa- tional cost to the server.