Journal
COMMUNICATIONS OF THE ACM
Volume 58, Issue 7, Pages 78-87
Publisher
ASSOC COMPUTING MACHINERY
DOI: 10.1145/2699390
Funding
- Secure Usability Fellowship from Simply Secure
- Open Technology Fund
- Natural Sciences and Engineering Research Council of Canada Chair in Authentication and Computer Security
- European Research Council [307224]
Passwords have dominated human-computer authentication for 50 years despite consensus among researchers that we need something more secure and deserve something more user friendly. Much published research has focused on specific aspects of the problem that can be easily formalized but do not actually have a major influence on real-world design goals, which are never authentication per se, but rather protection of user accounts and sensitive data. As an example of this disconnect, academic research often recommends strict password-composition policies (such as length requirements and mandating digits and nonalphabetic characters) despite the lack of evidence they actually reduce harm. We argue that critically revisiting authentication as a whole and passwords' role therein is required to understand today's situation and provide a meaningful