Password security: a case history
@article{Morris1979PasswordSA, title={Password security: a case history}, author={Robert H. Morris and Ken Thompson}, journal={Commun. ACM}, year={1979}, volume={22}, pages={594-597} }
This paper describes the history of the design of the password security scheme on a remotely accessed time-sharing system. The present design was the result of countering observed attempts to penetrate the system. The result is a compromise between extreme security and ease of use.
1,005 Citations
End User Security
- Computer Science
- 2006
This paper details security risks, compromises, and options available to the average computer user. It includes specific discussions of encryption and password security. Analysis of a survey of…
On improvements to password security
- Computer ScienceOPSR
- 1985
A technique to allow long password-phrases that makes an exhaustive search impracticable is presented, and a solution to eavesdropping problems using public-key cryptography is proposed.
Passblot: A Usable Way of Authentication Scheme to Generate One Time Passwords
- Computer Science
- 2011
One of the promising alternatives is Graphical password based authentication systems which if implemented properly are secure but not as easy to understand or learn.
Passwords and the evolution of imperfect authentication
- Computer ScienceCommun. ACM
- 2015
Theory on passwords has lagged practice, where large providers use back-end smarts to survive with imperfect technology.
Proactive Password Checking
- Computer Science
- 1992
Generic requirements for proactive password changer are presented and two of the most popular, publicly-available programs are examined to see how well they meet the requirements.
A survey of password mechanisms: Weaknesses and potential improvements. Part 2
- Computer ScienceComput. Secur.
- 1989
An Assessment of the Oracle Password Hashing Algorithm
- Computer Science
- 2005
The algorithm used for generating password hashes is reviewed, and it is shown that the current mechanism presents a number of weaknesses, making it straightforward for an attacker with limited resources to recover a user's plaintext password from the hashed value.
A remote password authentication scheme based on the digital signature method
- Computer ScienceInt. J. Comput. Math.
- 1999
A remote password authentication scheme based on the digital signature methods is proposed that does not require the system to maintain a password file, and it can withstand attacks based on message replaying.
Proofs of Security for the Unix Password Hashing Algorithm
- Computer Science, MathematicsASIACRYPT
- 2000
The results show that the hashing algorithm is very good at extracting almost all of the available strength from the underlying cryptographic primitive and provide good reason for confidence in the Unix construction.
References
SHOWING 1-6 OF 6 REFERENCES
The UNIX Time-sharing System
- Computer Science
- 1977
The strong and weak points of UNIX are discussed and a good case can be made that it is in essence a modern implementation of MIT’s CTSS system.
Communications November ACM Number
- Communications November ACM Number
- 1979
The UNIX T ime-Sharing System.Comm
- 1974
U. S. Patent Number
- U. S. Patent Number
Proposed Federal Information Processing Data Encryption Standard
- Federal Register (40FR12134)
- 1975
Proposed Federal Information Processing Data Encryption Standard. Federal Register (40FR12134)