The important problem of user password selection is addressed and a new proactive password checking technique is presented. In a training phase, a decision tree is generated based on a given dictionary of weak passwords. Then, the decision tree is used to determine whether a user password should be accepted. Experimental results described here show that the method leads to very high dictionary compression (from 100 to 3 on average) with low error rates (of the order of 1%). We survey previous approaches to proactive password checking, and provide an in-depth comparison.

Papers (selection)  

G. Ruffo and F. Bergadano. EnFilter: a Password Enforcement and Filter Tool based on Pattern Recognition Techniques. In Proc. of the 2005 International Conference on Image Analysis and Processing (ICIAP 2005), Special Session on "Pattern Recognition in Computer Security", September 6-8, 2005, Cagliari, Italy. LNCS 3617, Springer Verlag, pp. 75-82.

F. Bergadano, B. Crispo, G. Ruffo. High Dictionary Compression for Proactive Password Checking. ACM Transactions on Information and System Security (TISSEC), Vol. 1, No. 1, November 1998, ACM Press, pp. 3-25.

F. Bergadano, B. Crispo, G. Ruffo. Proactive Password Checking with Decision Trees. In Proc. of the 1997 ACM Conference on Computer and Communication Security, April 1997, Zurich (Switzerland). ACM Press, pp. 67-76.

Software and Links  

EnFilter (Win2K/XP) - based on our previous work on Procheck. By way of a bilateral agreement between the University of Turin and Certimeter, a University spin-off, EnFilter can be downloaded from Certimeter's site.

More info? Contact person is Giancarlo Ruffo: ruffo[at]


