Communications of the ACM
Professor Lorrie Cranor Gives Lecture on Password Security
Carnegie Mellon University professor Lorrie Cranor recently held a seminar on the study of password security.
Credit: The Tartan
Carnegie Mellon University's (CMU) Human-Computer Interaction Institute recently hosted a seminar on the study of password security led by CMU professor Lorrie Cranor. Her research team has conducted a study in this area by accessing data on hidden passwords without the data set ever actually reaching the eyes of any researcher.
The team's black box system, consisting of analytic algorithms, enabled the researchers to derive statistics on the vulnerability of passwords.
The researchers also conducted another study with Amazon's Mechanical Turk (M-Turk) Program, which dictated how participants were to create passwords and then asked follow-up questions. The M-Turk results were on par with those from the actual password study, showing an efficient and effective balance between password usability and security.
Cranor notes the standards basic16 and comprehensive8 balanced the two sectors well. Still, she says her personal findings over the years indicate "12-character passwords with at least two character classes, no keyboard patterns, and some special characters not at the beginning or end" are ideal standards for maximizing security and minimizing discomfort.
From The Tartan
View Full Article
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA
No entries found