Strengthening Password-based Authentication

Even with years of research into new authentication technologies, passwords still dominate the authentication landscape. This is due primarily to a combination of security, deployability, and usability that has been difficult to match. While password alternatives exist, their lack of widespread adoption indicates that for the foreseeable future passwords are here to stay.

Our research goal is to strengthen, not replace, password-based authentication. We focus on two serious problems with password-based authentication. First, poor security practices at the web servers leads to stolen password files that are easily compromised using an offline attack. Second, passwords are too easily stolen via phishing attacks.

Both of these problems arise because for the vast majority of authentication flows, servers require users to provide their plaintext passwords. In the case of a legitimate server receiving this password, the user must blindly trust that the server correctly salts and hashes the password. Experience, though, has shown that many websites do not follow proper password storage. Moreover, there is a disconnect between perceived best practices for password storage and actual best practices.

Even if websites were to safely store users' passwords, users would still be at risk to phishing attacks. Phishers impersonate legitimate websites in order to trick users into sending their authentication credentials to the phishing website. The problem of phishing is only compounded by password reuse, allowing a single stolen password to potentially compromise many of the user's sites.

In this paper, we describe two methods for strengthening existing password-based authentication: strong password protocols and safe password entry.