Rethinking Password Policies
Author(s): Abe Singer, Warren Anderson

Date: August 2013
Publication: USENIX ;login:, Volume 38, Number 4
Page(s): 14 - 18
Publisher: USENIX
Source 1: https://www.usenix.org/sites/default/files/rethinking_password_policies_unabridged.pdf
Source 2: https://www.usenix.org/sites/default/files/rethinking_password_policies_revised_8-2-13.pdf

Abstract:
We are all familiar with having "rules" for passwords: they must have characters from various character sets, have a minimum length, get changed regularly, not be written down, etc. These rules are supposed to make passwords "secure," but thereís little to no research to support that argument. In fact, they can even weaken security. We argue that itís time for a radical change of password policy.



Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com