Decide on interesting stats to compute

[bensonk]

We should be automating the statistical analysis of our passwords. We'll need to come up with some interesting stats to compute. Here are some random ones that come to mind:

• Distribution of character complexity
• Most common passwords
• Distribution of length complexity
• ???

[znb]

On 2012/06/09 9:25 PM, Benson Kalahar wrote:

We should be automating the statistical analysis of our passwords. We'll need to come up with some interesting stats to compute. Here are some random ones that come to mind:

• Distribution of character complexity
• Most common passwords
• Distribution of length complexity
• ???
  Yup...what about using something like Pipal for the analysis ? I know
  there's issues with threading which may cause issues with our larger
  datasets, but it's a cool project and I'm sure the output would grow
  interest for both Pipal and Panic...

</0.02c>

e: matt@zonbi.org
t: @undeadsecurity
w: http://www.zonbi.org
g: http://www.zonbi.org/zonbigpg.txt

[bensonk]

I've taken a look at pipal. It's not exactly a shining example of
well designed code, and it's designed to work on plain text. Ideally,
I'd like to do the same analyses, but from inside our rails
environment so we can use db queries instead of streaming out text
that just gets parsed again. Stealing analysis ideas from pipal, on
the other hand, is a great idea, and we should definitely do that.

[biosshadow]

As long as we give credit to Robin. IS work is good just not a good fit for us.

[bensonk]

Absolutely. Pipal is a great piece of work, and we should certainly
give credit where it's due, I just don't think we should reuse its
codebase.