Revisiting Password Rules: Facilitating Human Management of Passwords
dc.contributor.author | Zhang-Kennedy, Leah | |
dc.contributor.author | Chiasson, Sonia | |
dc.contributor.author | van Oorschot, Paul | |
dc.date.accessioned | 2022-03-08T21:40:26Z | |
dc.date.available | 2022-03-08T21:40:26Z | |
dc.date.issued | 2016-06 | |
dc.description | © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works | en |
dc.description.abstract | Password rules were established in the context of past security concerns. Recent work in computer security challenges the conventional wisdom of expert password advice, such as change your passwords often, do not reuse your passwords, or do not write your passwords down. The effectiveness of these rules for protecting user accounts against real world attacks is questioned. We review the latest research examining password rules for general-purpose user authentication on the web, and discuss the arguments behind the continued acceptance or the rejection of the rules based on empirical evidence and solid justifications. Following the review, we recommend an updated set of password rules. | en |
dc.identifier.uri | https://doi.org/10.1109/ECRIME.2016.7487945 | |
dc.identifier.uri | http://hdl.handle.net/10012/18096 | |
dc.language.iso | en | en |
dc.publisher | IEEE | en |
dc.relation.ispartofseries | 2016 APWG Symposium on Electronic Crime Research (eCrime); | |
dc.subject | security | en |
dc.subject | usability | en |
dc.subject | cognitive science | en |
dc.subject | electronic mail | en |
dc.subject | biological system modelling | en |
dc.subject | dictionaries | en |
dc.subject | computer science | en |
dc.title | Revisiting Password Rules: Facilitating Human Management of Passwords | en |
dc.type | Article | en |
dcterms.bibliographicCitation | Zhang-Kennedy, L., Chiasson, S., & van Oorschot, P. (2016). Revisiting password rules: Facilitating human management of passwords. 2016 APWG Symposium on Electronic Crime Research (ECrime), 1–10. https://doi.org/10.1109/ECRIME.2016.7487945 | en |
uws.contributor.affiliation1 | Stratford School of Interaction Design and Business | en |
uws.contributor.affiliation2 | Stratford School of Interaction Design and Business | en |
uws.peerReviewStatus | Reviewed | en |
uws.scholarLevel | Faculty | en |
uws.typeOfResource | Text | en |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Revisiting Password Rules - Facilitating Human Management of Passwords.pdf
- Size:
- 155.86 KB
- Format:
- Adobe Portable Document Format
- Description:
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 4.47 KB
- Format:
- Item-specific license agreed upon to submission
- Description: