Password Policy: The Good, the Bad, and the Ugly
Author(s): Wayne C. Summers, Edward Bosworth

Date: 2004
Publication: Proceedings of the Winter International Symposium on Information and Communication Technologies
Page(s): 1 - 6
Publisher: ACM
Source 1: http://csc.colstate.edu/summers/Research/Password-Policy.doc
Source 2: http://portal.acm.org/citation.cfm?id=984720.984724 - Subscription or payment required

Abstract:
"We're secure! We use passwords!" How many of us have heard this claim? Or even -- "We're secure! We have a password policy!" Using a password or having a password policy in today's world of computing is not enough. Passwords provide a first line of defense in most cases, but there is much more. "A recent survey by Rainbow Technologies Inc. indicates that the use of insecure passwords can be costly -- and potentially risky -- for corporate data. "[Rosencrance] This paper focuses on the use of passwords and password policy and looks at the good, the bad and the ugly scenarios that arise.

PasswordResearch.com Note: Summers and Bosworth don't really bring any new research to the table with their paper, but they do a decent job of summarizing the problems with passwords and offering some tips you can transform into policies within your organization.


Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com