Password Security-- Thirty-Five Years Later
ثبت نشده
چکیده
User passwords were first introduced to allow time sharing on large mainframes. Mainframes at the time were large systems within a controlled environment. Passwords were stored in plain text file with no perceived need to secure user passwords. The first documented password breach occurred when a user wanted to gain additional time on a mainframe than the allotted four hours limit. The user simply printed the password file giving birth to the first documented password breach. Developers are continuing to develop new wa...
منابع مشابه
Protecting a Multiuser Web Application against Online Password-Guessing Attacks
This white paper presents a method for protecting a Web application against online password-guessing attacks. A user logs in with three credentials: the name of the application instance, a user ID, and a password, where the instance name is a secret known only to the instance users, the user ID is a secret kwnon only to the instance administrators, and the password is a secret known only to the...
متن کاملUNIX Password Security - Ten Years Later
Passwords in the UNIX operating system are encrypted with the crypt algorithm and kept in the publicly-readable le /etc/passwd. This paper examines the vulnerability of UNIX to attacks on its password system. Over the past 10 years, improvements in hardware and software have increased the crypts/second/dollar ratio by ve orders of magnitude. We reexamine the UNIX password system in light of the...
متن کاملToward a secure and usable cloud-based password manager for web browsers
Web users are confronted with the daunting challenges of creating, remembering, and using more and more strong passwords than ever before in order to protect their valuable assets on different websites. Password manager, particularly Browser-based Password Manager (BPM), is one of the most popular approaches designed to address these challenges by saving users’ passwords and later automatically...
متن کاملA New Ring-Based SPHF and PAKE Protocol On Ideal Lattices
emph{ Smooth Projective Hash Functions } ( SPHFs ) as a specific pattern of zero knowledge proof system are fundamental tools to build many efficient cryptographic schemes and protocols. As an application of SPHFs, emph { Password - Based Authenticated Key Exchange } ( PAKE ) protocol is well-studied area in the last few years. In 2009, Katz and Vaikuntanathan described the first lattice-based ...
متن کاملVulnerability and Risk Analysis of Two Commercial Browser and Cloud Based Password Managers
Web users are confronted with the daunting challenges of managing more and more passwords to protect their valuable assets on different online services. Password manager is one of the most popular solutions designed to address such challenges by saving users’ passwords and later auto-filling the login forms on behalf of users. All the major browser vendors have provided password manager as a bu...
متن کامل