A Cognitive Model for the Forensic Recovery of End-User Passwords

Despite the existence of a number of advanced authentication mechanisms such as two- factor tokens, biometrics etc., the use of passwords is still the most popular means of authenticating users in a computing system. Consequently, we need to generate and remember a large number of passwords, and these passwords need to be as strong as the assets they protect. During the course of a forensic examination a computer forensics analyst may come across a number of situations where the recovery of passwords is required, either in order to access a particular user account, or to unlock encrypted or otherwise obfuscated digital content. In this paper we create a cognitive model to describe the creation of end-user generated passwords that may be applied particularly during an attempt to forensically recover such passwords. We propose that it may be feasible to recover a password by reversing the logic of its creation, taking into account contextual and other parameters, instead of applying computationally expensive brute force.