Rethinking Passwords

Abstract: 

Passwords and PINs are used everywhere these days, but their use is often painful. Traditional password advice and rules are seldom appropriate for today's threats, yet we labor with the password rules and servers of yesteryear. Strong passwords are weakening our security, and it is time to fix that.

There are numerous proposals for new password solutions. I will present a few half-baked ideas. But there are good solutions available now.

We are facing much more worrisome security challenges: we ought to get this easy stuff right.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@conference {267093,
author = {William Cheswick},
title = {Rethinking Passwords},
year = {2010},
address = {San Jose, CA},
publisher = {USENIX Association},
month = nov
}
Download

Presentation Video

Presentation Audio

Links

Paper: 
Paper (HTML): 
Slides: 
http://www.usenix.org/events/lisa10/tech/slides/cheswick.pdf