System-Assigned Passwords: The Disadvantages of the Strict Password Management Policies

Bostjan BRUMEN

首页> 外文期刊>Informatica >System-Assigned Passwords: The Disadvantages of the Strict Password Management Policies

【24h】

System-Assigned Passwords: The Disadvantages of the Strict Password Management Policies

机译：系统分配的密码：严格的密码管理策略的缺点

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

After Morris and Thompson wrote the first paper on password security in 1979, strict password policies have been enforced to make sure users follow the rules on passwords. Many such policies require users to select and use a system-generated password. The objective of this paper is to analyse the effectiveness of strict password management policies with respect to how users remember system-generated passwords of different textual types - plaintext strings, passphrases, and hybrid graphical-textual PsychoPass passwords. In an experiment, participants were assigned a random string, passphrase, and PsychoPass passwords and had to memorize them. Surprisingly, no one has remembered either the random string or the passphrase, whereas only 10% of the participants remembered their PsychoPass password. The policies where administrators let systems assign passwords to users are not appropriate. Although PsychoPass passwords are easier to remember, the recall rate of any system-assigned password is below the acceptable level. The findings of this study explain that system-assigned strong passwords are inappropriate and put unacceptable memory burden on users.

机译：之后莫里斯和汤普森在1979年写了一篇关于密码安全的第一篇论文，严格的密码政策已经执行，以确保用户遵循口令规则。许多这样的政策要求用户选择和使用系统生成的密码。本文的目的是分析相对于严格的密码管理政策，以用户如何记住不同的文本类型的系统生成的密码的有效性 - 明文字符串，密码短语，以及混合图形，文本PsychoPass密码。在一项实验中，参与者被分配一个随机字符串，密码，以及密码PsychoPass，不得不记住他们。出人意料的是，没有人记得无论是随机的字符串或密码，而只有10％的参与者回忆他们PsychoPass密码。在管理员让系统分配密码给用户的政策是不恰当的。虽然PsychoPass密码更容易记住，任何系统指定密码的召回率低于可接受的水平。这项研究的结果解释，系统指定的强密码是不恰当的，并把不可接受的记忆负担的用户。

著录项

来源
《Informatica》 |2020年第3期|459-479|共21页
作者
Bostjan BRUMEN;
展开▼
作者单位

University of Maribor Faculty of Electrical Engineering and Computer Science Smetanova 17 Si-2000 Maribor Slovenia;

展开▼
收录信息美国《科学引文索引》(SCI);
原文格式 PDF
正文语种 eng
中图分类
关键词
passwords; passphrases; security; human memory; mnemonics; authentication;

机译：密码;密码;安全;人体记忆;助药;验证;

相似文献

外文文献
中文文献
专利

1. Enhanced Tacit Secrets: System-assigned passwords you can't write down, but don't need to [J] . Joudaki Zeinab, Thorpe Julie, Martin Miguel Vargas International Journal of Information Security . 2019,第2期

机译：增强的默契秘密：系统分配的密码您不能写下来，但不需要
2. Optiwords: A new password policy for creating memorable and strong passwords [J] . Guo Yimin, Zhang Zhenfeng, Guo Yajun Computers & Security . 2019,第AUGa期

机译：Optiwords：一种新的密码策略，用于创建令人难忘的强密码
3. Optiwords: A new password policy for creating memorable and strong passwords [J] . Guo Yimin, Zhang Zhenfeng, Guo Yajun Computers & Security . 2019,第Auga期

机译：Optiwords：创建难忘和强密码的新密码策略
4. System-Assigned Passwords You Can’t Write Down, But Don’t Need To [C] . Zeinab Joudaki, Julie Thorpe, Miguel Vargas Marti Annual Conference on Privacy, Security and Trust . 2017

机译：您无法写下但不需要的系统分配的密码
5. The Impact of Cues and User Interaction on the Memorability of System-assigned Random Passwords. [D] . Al-Ameen, Mahdi Nasrullah. 2016

机译：提示和用户交互对系统分配的随机密码的记忆性的影响。
6. A Password Meter without Password Exposure [O] . Pyung Kim, Younho Lee, Youn-Sik Hong, 2021

机译：无密码曝光的密码仪表
7. Password composition policy: does enforcement lead to better password choices? [O] . Campbell John, Kleeman Dale, Ma Wanli 2006

机译：密码组成政策：强制执行会导致更好的密码选择吗？

System-Assigned Passwords: The Disadvantages of the Strict Password Management Policies

摘要

著录项

相似文献

相关主题

期刊订阅