Rethinking Password Policies
نویسندگان
چکیده
“In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments they were not meant to address. It is also the case that as technology changes, the underlying (and unstated) assumptions underlying these bits of conventional wisdom also change. The result is a stale policy that may no longer be effec- tive...or possibly even dangerous.” — Gene Spafford [23]
منابع مشابه
Rethinking the Theory of Change for Health in All Policies; Comment on “Health Promotion at Local Level in Norway: The Use of Public Health Coordinators and Health Overviews to Promote Fair Distribution Among Social Groups”
This commentary discusses the interesting and surprising findings by Hagen and colleagues, focusing on the role of the public health coordinator as a Health in All Policies (HiAP) tool. The original article finds a negative association between the employment of public health coordinators in Norwegian municipalities and consideration of a fair distribution of social and economic resources betwee...
متن کاملCreating Usable Policies for Stronger Passwords with MTurk
People are living increasingly large swaths of their lives through their online accounts. These accounts are brimming with sensitive data, and they are often protected only by a text password. Attackers can break into service providers and steal the hashed password files that store users’ passwords. This lets attackers make a large number of guesses to crack users’ passwords. The stronger a pas...
متن کاملPersonalizing Password Policies and Strength Feedback
To make users pick stronger passwords, service providers utilize password policies and password creation feedback while the user types inside password fields. Those two techniques often fail to achieve this primary goal. In this position paper, we argue that a personalized version of polices and strength meters are worth investigating. Putting individuals into the center of attention rather tha...
متن کاملImproving Usability of Password Management with Standardized Password Policies
Recent studies indicate that many users have difficulties managing online passwords for the increasing number of accumulated accounts. As a result, users often adopt strategies to simplify password management, such as selecting weak passwords and reusing passwords across multiple accounts, which unfortunately can cause security vulnerabilities. This problem is exacerbated by the fact that users...
متن کاملDiversify to Survive: Making Passwords Stronger with Adaptive Policies
Password-composition policies are intended to increase resistance to guessing attacks by requiring certain features (e.g., a minimum length and the inclusion of a digit). Sadly, they often result in users’ passwords exhibiting new, yet still predictable, patterns. In this paper, we investigate the usability and security of adaptive password-composition policies, which dynamically change passwor...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013