Passwords and the Evolution of Imperfect Authentication

Bonneau, Joseph; Herley, Cormac; van, Oorschot Paul C; Stajano, Francesco

View / Open Files

Bonneau et al 2015 Communications of the ACM.pdf (PDF, 198Kb)

Authors

Bonneau, Joseph

Herley, Cormac

van, Oorschot Paul C

Stajano, Francesco

Publication Date

2014

Journal Title

Communications of the ACM

ISSN

0001-0782

Publisher

ACM

Volume

Pages

78-87

Language

English

Type

Article

Metadata

Show full item record

Citation

Bonneau, J., Herley, C., van, O. P. C., & Stajano, F. (2014). Passwords and the Evolution of Imperfect Authentication. Communications of the ACM, 58 78-87. https://doi.org/10.1145/2699390

Abstract

Theory on passwords has lagged behind practice, where large providers use back-end smarts to survive with imperfect technology. Simplistic models of user and attacker behaviors have led the research community to emphasize the wrong threats. Authentication is a classification problem amenable to machine learning, with many signals in addition to the password available to largeWeb services. Passwords will continue as a useful signal for the foreseeable future, where the goal is not impregnable security but reducing harm at acceptable cost.

Identifiers

External DOI: https://doi.org/10.1145/2699390

This record's URL: https://www.repository.cam.ac.uk/handle/1810/246118

Rights

Licence:

http://www.rioxx.net/licenses/all-rights-reserved