Random Passwords Arenít Good Enough
Date: November 19 2018
Publication: PasswordsCon 2018 Stockholm
Source: Currently no known Internet copy of paper.
Abstract or Summary:
Most modern authentication systems have requirements for passwords beyond just the length. Password managers must be able to generate passwords that both meet these requirements and maintain a maximum level of entropy without causing their users confusion or frustration. Ideally, the generator could select characters completely at random from a set of allowed characters, but this approach will often yield passwords that do not conform to the systemís requirements. Iíll discuss possible solutions to this problem, which solution we chose at 1Password, and the entropy calculation algorithm that made that decision possible.
PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=3IXx_6a_TPs Project page: https://github.com/1password/spg
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.