Security analysis of a secure and practical dynamic identity-based remote user authentication scheme
WISM'12 Proceedings of the 2012 international conference on Web Information Systems and Mining
Building better passwords using probabilistic techniques
Proceedings of the 28th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
This study investigates the efficacy of using a restrictive password composition policy. The primary function of access controls is to restrict the use of information systems and other computer resources to authorised users only. Although more secure alternatives exist, password-based systems remain the predominant method of user authentication. Prior research shows that password security is often compromised by users who adopt inadequate password composition and management practices. One particularly under-researched area is whether restrictive password composition policies actually change user behaviours in significant ways. The results of this study show that a password composition policy reduces the similarity of passwords to dictionary words. However, in this case the regime did not reduce the use of meaningful information in passwords such as names and birth dates, nor did it reduce password recycling.