The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.05 - September/October (2008 vol.12)
pp: 84-87
Stephen Farrell , Trinity College Dublin
ABSTRACT
IT system users, (all of us), and administrators, (increasingly large numbers of us), must all manage some passwords. In this article, the author reviews some issues related to password policies and concludes that managing passwords, in any sensible manner, is becoming more and more of a nuisance for users, a factor that should be to the forefront when administrators are creating password policies.
INDEX TERMS
password management, authentication, security
CITATION
Stephen Farrell, "Password Policy Purgatory", IEEE Internet Computing, vol.12, no. 5, pp. 84-87, September/October 2008, doi:10.1109/MIC.2008.108
REFERENCES
1. J. Richards, A.G. Lowe-Norris, and R. Allen, Active Directory, 3rd ed., O'Reilly Media, 2006.
2. M. Crispin, Internet Message Access Protocol —Version 4, Revision 1, IETF RFC 3501, March 2003; ftp://ftp.rfc-editor.org/in-notes/rfc3501.txt.
3. J. Klensin, ed., Simple Mail Transfer Protocol, IETF RFC 2821, 2001; www.ietf.org/rfcrfc2821.txt.
4. S. Gaw and E.W. Felten, "Password Management Strategies for Online Accounts," Proc. 2nd Symp. Usable Privacy and Security (SOUPS 06), vol. 149, ACM Press, 2006; http://doi.acm.org/10.11451143120.1143127 .
5. W.C. Summers and E. Bosworth, "Password Policy: The Good, the Bad, and the Ugly," Proc. Winter Int'l Symp. Information and Comm. Technologies, ACM Int'l Conf. Proc. Series, vol. 58, 2004, pp. 1–6.
6. E. Maler and D. Reed, "The Venn of Identity: Options and Issues in Federated Identity Management," IEEE Security &Privacy, vol. 6, no. 2, 2008, pp. 16–23.
18 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool