Text-based passwords have long acted as the dominating authentication method. Leet, as one of the significant components in password, has not been paid enough attention yet. In this paper, we systematically study the presence of Leet in passwords. We define single and pattern forms of Leet and propose a matching approach to check whether a user password contains Leet. We extract the most prevalent counterpart pairs of Leet manifestations. Afterward, we examine the effect of Leet in passwords by incorporating Leet transformation into the probabilistic context-free grammar(PCFG) method to crack passwords. We construct the first comprehensively analyzed dictionary of Leets for passwords, which is confirmed suitable for most datasets by user survey. Experiments on four leaked password sets demonstrate that distinguished Leet usage accumulates to account for around 1% of the total dataset. Only 5% of high-frequency Leets replacement could increase the cracking rate by 0.55%. For crackers, incorporating popular Leets aids to improve password cracking performance. For users, adopting low-frequency Leets could strengthen their passwords. This research provides a new perspective to investigate Leet transformations in passwords.

中文翻译：

---

用法用法及其对密码安全性的影响

长期以来，基于文本的密码一直是主要的身份验证方法。Leet作为密码的重要组成部分之一，尚未引起足够的重视。在本文中，我们系统地研究了密码中Leet的存在。我们定义了Leet的单一形式和模式形式，并提出了一种匹配方法来检查用户密码是否包含Leet。我们提取最常见的对立表现形式。然后，我们通过将Leet转换结合到概率上下文无关文法（PCFG）方法中来破解密码，从而研究Leet在密码中的作用。我们构建了第一本经过全面分析的Leets密码字典，通过用户调查确认该字典适用于大多数数据集。对四个泄漏的密码集进行的实验表明，杰出的Leet用法累计约占总数据集的1％。高频Leets更换中只有5％可以使破裂率提高0.55％。对于饼干，结合流行的Leets辅助工具可改善密码破解性能。对于用户而言，采用低频Leets可以加强其密码。这项研究提供了一个新的视角来研究密码的Leet转换。