Passwords That Are Simple--and Safe
Technology Review (07/19/10) Garfinkel, Simson
Microsoft researchers have developed a new approach to creating passwords that retains the security of complex passwords but does away with their complexity requirements. The method makes sure that no more than a few users can have the same password, which has a similar effect on overall security when employed by organizations with millions of users. The system counts how many times any user on the service chooses a given password, and when more than a small number of users pick a password, it is banned and no one else is allowed to choose it. "Replacing password creation rules with popularity limitations has the potential to increase both security and usability," write Microsoft researchers Cormac Herley and Stuart Schechter in a paper to be published at the upcoming Hot Topics in Security conference. "Since no passwords are allowed to become too common, attackers are deprived of the popular passwords they require to compromise a significant faction of accounts using online guessing."
Monday, July 19, 2010
Blog: Passwords That Are Simple--and Safe
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment