Entries with tag security approaches.

Decoy Password Strategy Could Protect Users

Security researchers say mixing honeywords—decoy passwords—along with a real hashed password could prevent hackers from accessing websites and online services. Ari Juels, chief scientist at security firm RSA, and cryptographer and MIT professor Ronald Rivest say that storing multiple possible passwords on a system could not only provide security but also determine when an intrusion is occurring. Passwords are now considered a weak security strategy in part because users make poor password choices. This approach uses a honeychecker system with information about which passwords are legitimate and which are honeywords. This system stores randomly selected integers that point to the location where the password is stored to check whether a user is entering the correct password. If attackers accessed the honeychecker, they could not find the password. Their presence could be detected when they attempt to use one of the honeywords to access the system. (ZDNet)(The Honeywords Project)(MIT CSAIL)
 

Showing 1 result.