|
Safer Storage and Handling of User Answers to Security Questions
Date: July 26 2017 Publication: BSidesLV 2017 Source 1: https://www.researchgate.net/publication/318721386_Safer_Storage_and_Handling_of_User_Answers_to_Security_Questions Abstract or Summary:
Like it or not, security question password reset isn’t going away. Most organizations find it to be a cost effective approach that seems to work in practice. While there are many problems with this approach, one has received little attention: how to safely store the answers. I show that common methods used for storing password validation information are not suitable for security questions, and propose better alternatives. PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=CqwbCxP7MC0
Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.
<-- Back to Authentication Research Paper Index |