Next Article in Journal
Thermodynamic and Economic Analysis of an Integrated Solar Combined Cycle System
Next Article in Special Issue
A Game-Theoretic Approach to Information-Flow Control via Protocol Composition
Previous Article in Journal
Network Entropy for the Sequence Analysis of Functional Connectivity Graphs of the Brain
Previous Article in Special Issue
Location-Aware Incentive Mechanism for Traffic Offloading in Heterogeneous Networks: A Stackelberg Game Approach
Article Menu
Issue 5 (May) cover image

Export Article

Open AccessArticle
Entropy 2018, 20(5), 312;

Password Security as a Game of Entropies

System Security Group, Institute of Applied Informatics, Universität Klagenfurt, 9020 Klagenfurt, Austria
Austrian Institute of Technology, Center for Digital Safety & Security, 1210 Vienna, Austria
Author to whom correspondence should be addressed.
Received: 27 February 2018 / Revised: 19 April 2018 / Accepted: 20 April 2018 / Published: 25 April 2018
(This article belongs to the Special Issue Information Theory in Game Theory)
Full-Text   |   PDF [791 KB, uploaded 25 April 2018]


We consider a formal model of password security, in which two actors engage in a competition of optimal password choice against potential attacks. The proposed model is a multi-objective two-person game. Player 1 seeks an optimal password choice policy, optimizing matters of memorability of the password (measured by Shannon entropy), opposed to the difficulty for player 2 of guessing it (measured by min-entropy), and the cognitive efforts of player 1 tied to changing the password (measured by relative entropy, i.e., Kullback–Leibler divergence). The model and contribution are thus twofold: (i) it applies multi-objective game theory to the password security problem; and (ii) it introduces different concepts of entropy to measure the quality of a password choice process under different angles (and not a given password itself, since this cannot be quality-assessed in terms of entropy). We illustrate our approach with an example from everyday life, namely we analyze the password choices of employees. View Full-Text
Keywords: game theory; security; entropy; passwords game theory; security; entropy; passwords
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Rass, S.; König, S. Password Security as a Game of Entropies. Entropy 2018, 20, 312.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Entropy EISSN 1099-4300 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top