Password Sanity

When I was doing research for my book Authentication a few years back, I came to realize just how crazy password management has become. The rule comes down to this:

The password must be impossible to remember and never written down.

This is, of course, ridiculous. The ideal password has to be both memorable and hard to guess. It should also be hard to crack, which means that even a computer takes a really long time to guess it.

My thoughts on these issues yielded these articles:

The Center for Password Sanity

Copyrights

Some of this material may be reproduced under a Creative Commons license. The copyright for some material is held by Addison-Wesley, the publisher of Authentication.
