Comparing Passwords, Tokens, and Biometrics for User Authentication
Date: December 2003 Publication: Proceedings of the IEEE, Volume 91, Issue 12 Page(s): 2019 - 2040 Publisher: IEEE Source 1: http://www.nikacp.com/images/10.1.1.200.3888.pdf Source 2: http://www.profsandhu.com/cs6393_s13/gorman-2003.pdf Source 3: http://dx.doi.org/10.1109/JPROC.2003.819605 - Subscription or payment required Abstract or Summary:
For decades, the password has been the standard means for user authentication on computers. However, as users are required to remember more, longer, and changing passwords, it is evident that a more convenient and secure solution to user authentication is necessary. This paper examines passwords, security tokens, and biometrics-which we collectively call authenticators-and compares these authenticators and their combinations. We examine their effectiveness against several attacks and suitability for particular security specifications such as compromise detection and nonrepudiation. Examples of authenticator combinations and protocols are described to show tradeoffs and solutions that meet chosen, practical requirements. The paper endeavors to offer a comprehensive picture of user authentication solutions for the purposes of evaluating options for use and identifying deficiencies requiring further research. Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.
<-- Back to Authentication Research Paper Index |