ANALYSIS OF USER PASSWORD SECURITY USING PYTHON SCRIPTS

Abstract

The paper presents a comprehensive analysis of user password strength using Python scripts, enabling the automation of credential security assessment. A dataset of 1,000 passwords of varying complexity levels (weak, medium, strong) was compiled and evaluated using multiple metrics: length, Shannon entropy, presence of different character types, and verification against open databases of leaked credentials. The study established a correlation between password structure and the probability of compromise, identifying key characteristics that reduce security even when passwords formally meet complexity standards. It was shown that a significant portion of long passwords exhibit low entropy due to character repetition, while popular patterns (e.g., word+digits) make them vulnerable to hybrid attacks. Three types of attacks-dictionary, brute-force, and hybrid-were simulated, and the results confirmed the effectiveness of the selected metrics in predicting vulnerabilities. A methodology for preliminary password audits in corporate and personal systems is proposed, combining entropy analysis with checks against leaked databases. The findings can be applied to improve authentication policies, implement automated password verification at the account creation stage, and enhance cyber hygiene training programs aimed at developing users’ skills in creating strong credentials. The relevance of this research is driven by the high prevalence of brute-force and credential stuffing attacks that exploit weak or reused passwords, as well as the need for accessible tools for their prompt evaluation.