Surf Wiki
Save to docs
general/password-authentication

From Surf Wiki (app.surf) — the open knowledge base

Munged password

Password created with common replacement strategies

Summary

Password created with common replacement strategies

A munged password (pronounced ) refers to the practice of creating a password with common replacement strategies such as replacing 'S' with '$' or '5'. This can be seen as an application of leet speak.

There is a perception that munged passwords are more secure, but modern password cracking tools include rules to account for character substitutions. Mungeing or leet speak has a minimal effect on password security when uncommon ("low-frequency") substitutions are used, but may decrease password security by providing a false sense of complexity.

"Munge" is sometimes backronymmed as Modify Until Not Guessed Easily. The usage differs significantly from "mung" (Mash Until No Good), as munging implies destruction of data, whereas mungeing implies that the original data can be reconstructed.

Implementation

Adding a number and/or special character to a password might thwart some simple dictionary attacks. For example, the password "Butterfly" could be munged in the following ways:

8u2T3RfL?A combination of all of the above

The substitutions can be anything the user finds easy to remember, such as:

y=?

References

References

  1. (August 2020). "An Empirical Analysis on the Usability and Security of Passwords". IEEE.
  2. (2015-12-04). "leetspeak.rule".
  3. Medhansh Garg. (2022-10-14). "Evaluation of Leet Speak on Password Strength and Security". International Journal of Scientific Research in Science and Technology.
  4. "Leet Usage and Its Effect on Password Security".
Wikipedia Source

This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page.

password-authentication computer-jargon
Want to explore this topic further?

Ask Mako anything about Munged password — get instant answers, deeper analysis, and related topics.

Research with Mako

Free with your Surf account

Content sourced from Wikipedia, available under CC BY-SA 4.0.

This content may have been generated or modified by AI. CloudSurf Software LLC is not responsible for the accuracy, completeness, or reliability of AI-generated content. Always verify important information from primary sources.

Report