Passwords and the Evolution of Imperfect Authentication
Date: July 2015
Publication: Communications of the ACM, Vol. 58 No. 7
Page(s): 78 - 87
Source 1: https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/passwordsAndImperfectAuth.pdf
Source 2: http://www.jbonneau.com/doc/BHOS15-CACM-imperfect_authentication.pdf
Source 3: https://doi.org/10.1145/2699390 - Subscription or payment required
Abstract or Summary:
Theory on passwords has lagged behind practice, where large providers use back-end smarts to survive with imperfect technology. Simplistic models of user and attacker behaviors have led the research community to emphasize the wrong threats. Authentication is a classification problem amenable to machine learning, with many signals in addition to the password available to largeWeb services. Passwords will continue as a useful signal for the foreseeable future, where the goal is not impregnable security but reducing harm at acceptable cost.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.