We Need Something Better Than Passwords, And We Already Have It
A technology called repeated hashing provides user authentication that can only be defeated by guessing the user’s secret or traveling back in time. Since the second is impossible, this is as good as user authentication security can get. Hashing, Again and Again In Learning Tree’s System and Network Security Introduction course we explain hash functions. […]
How To Manage Your Passwords With KeePassX
Last week I suggested a do-it-yourself approach to generating pass phrases. Using an available list of 80,489 4-to-6-character strings of words and word fragments, and randomly selecting five such strings, plus 5 digits, plus one of the 30 or so punctuation marks, that scheme could generate this many possible pass phrase strings: 804895 × 105 […]
How Can We Create Secure Passwords?
What makes a password secure? We have to keep the bad guys out while letting the legitimate user in. We need to protect authentication and prevent user identity masquerading or spoofing, so it must be impractical for the attacker to guess it. I didn’t say “impossible” because any string could be guessed eventually. But impractical, […]