Communications of the ACM
Passwords that Are Simple
Technology Review
Researchers at Microsoft have come up with a way to create easy-to-remember passwords without making a system more vulnerable to hackers.
Instead of enforcing complex passwords, as many organizations do, the new scheme makes sure than no more than a few users can have the same password, which has a similar overall effect on security. Further research from Microsoft also reveals why only some organizations insist on very complex passwords.
Increasingly complex password requirements—rules like "passwords must be 14 characters long and contain at least two uppercase letters, two lowercase letters, and three symbols"—make it difficult for attackers to guess passwords using a so-called "dictionary attack," which involves trying many possible passwords in succession.
Without such restrictions, people tend to pick passwords that are easy to remember, easy to type—and easy to guess...
From Technology Review
View Full Article
No entries found