Realizing Pico: Finally No More Passwords!
نویسندگان
چکیده
In 2011 Stajano proposed Pico, a secure and easy-to-use alternative for passwords. Among the many proposals in this category, Pico stands out by being creative and convincing. However, the description as published leaves some details unspecified, and to the best of our knowledge the complete system has not yet been tested. This work presents detailed specifications and future-proof security protocols for Pico. Moreover, we present the first robust and efficient Pico implementation. Our implementation allows to further mature the Pico concept and can be used for large scale usability evaluations at negligible cost.
منابع مشابه
Bootstrapping Adoption of the Pico Password Replacement System (Transcript of Discussion)
In previous work we presented Pico, an authentication system designed to be both more usable and more secure than passwords. One unsolved problem was that Pico, in its quest to explore the whole solution space without being bound by compatibility shackles, requires changes at both the prover and the verifier, which makes it hard to convince anyone to adopt it: users won’t buy an authentication ...
متن کاملPico: No More Passwords!
From a usability viewpoint, passwords and PINs have reached the end of their useful life. Even though they are convenient for implementers, for users they are increasingly unmanageable. The demands placed on users (passwords that are unguessable, all different, regularly changed and never written down) are no longer reasonable now that each person has to manage dozens of passwords. Yet we can’t...
متن کاملSecurity architecture and implementation for a TPM-based mobile authentication device
Today, passwords are used everywhere to authenticate users. While they are simple for website administrators and software developers to deploy, from a usability perspective, they are becoming increasingly problematic. This is particularly because maintaining adequate security puts an inordinate number of demands on the passwords (difficult to guess, must not be reused, should be changed regular...
متن کاملPico: No More Passwords! (Transcript of Discussion)
Frank Stajano: My title should give you a hint about my position towards this problem. What’s a password? A password is a way to drive users crazy! Passwords were not so bad when you had only one or two of them, and when a password of eight or nine characters was considered a safe password. Nowadays computers have grown so powerful that ten character passwords can be bruteforced with the kind o...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2014 شماره
صفحات -
تاریخ انتشار 2014