The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.05 - Sept.-Oct. (2013 vol.17)
pp: 91-94
Hilarie Orman , Purple Streak
ABSTRACT
Passwords are an old-fashioned authentication mechanism that remains ubiquitous, but modern processing hardware with massive parallelism has suddenly undercut the security of the traditional eight-character password. Administrators and users need to understand the increased risks and to find ways to use and protect longer passwords.
INDEX TERMS
Servers, Cryptography, Internet, Software, Access controls, Authentication,parallelism, password, authentication
CITATION
Hilarie Orman, "Twelve Random Characters: Passwords in the Era of Massive Parallelism", IEEE Internet Computing, vol.17, no. 5, pp. 91-94, Sept.-Oct. 2013, doi:10.1109/MIC.2013.103
REFERENCES
1. R. Morris and K. Thompson, “Password Security: A Case History,” Comm. ACM, vol. 22, no. 11, 1979, pp. 594-597; http://doi.acm.org/10.1145/359168.359172.
2. N. Provos and D. Mazires, “A Future-Adaptable Password Scheme,” Proc. Usenix Ann. Technical Conf., Freenix track, Usenix Assoc., pp. 32-32.
3. C. Percival, “Stronger Key Derivation via Sequential Memory-Hard Functions,” Proc. Technical BSD Conf. (BSDCan 09), 2009; www.bsdevents.org/2012/10/bsdcan-2009-2.
4. S. Komanduri et al., “Of Passwords and People: Measuring the Effect of Password-Composition,” Proc. SIGCHI Conf. Human Factors in Computing, ACM, 2011, pp. 2595-2604; http://doi.acm.org/10.1145/1978942.1979321.
5. C.E. Shannon, “Prediction and Entropy of Printed English,” Bell System Technical J., 1951; http://languagelog.ldc.upenn.edu.
6. A. Rao, B. Jha, and G. Kini, “Effect of Grammar on Security of Long Passwords,” Proc. 3rd ACM Conf. Data and Application Security and Privacy, ACM, 2013, pp. 317-324; http://doi.acm.org/10.1145/2435349.2435395.
7. H. Bojinov et al., “Neuroscience Meets Cryptography: Designing Crypto Primitives Secure,” Proc. 21st Usenix Conf. Security Symp., Usenix Assoc., 2012, pp. 33-33; http://dl.acm.org/citation.cfm?id=2362793.2362826.
8. N.M. Haller, The S/KEY One-Time Password System, IETF RFC 1760, Feb. 1995; www.ietf.org/rfcrfc1760.txt
91 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool