View article

This paper discusses the complexity measurement of a password in relation to the performance of a keystroke dynamics system. The performance of any biometric system depends on the stability of the biometric data provided by the user. We first present a new way to calculate the complexity related to the typing of a password. This complexity metric is then validated with the keystroke dynamics data collected in an experiment, as well as the user's experience during the experiment. Next, we show that the performance of the keystroke dynamics biometric system will depend on the complexity of the password and in particular that the performance of the system decreases with an increasing complexity. This leads then to the conclusion that random passwords might, although harder to guess by an attacker, might not be the most suitable choice in case of keystroke dynamics.