Improving Usability of Passphrase Authentication

Glen Nielsen, Michael Vedel, Christian D. Jensen

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review


The combination of user-names and passwords has become the predominant method of user authentication in computer systems. Most users have multiple accounts on different systems, which impose different constraints on the length and complexity of passwords that the user is allowed to select. This is done to ensure an appropriate degree of security, but instead, it makes it difficult for users to remember their password, which results in passwords that are either insecure, but easy to remember, or written down on paper. In this paper we address the problem of usability in user authentication.We promote the use of passphrases, which provide better security and are often easier to remember than passwords. Passphrases will be significantly longer than passwords, which makes them more difficult to enter correctly on a keyboard. We solve this problem by proposing a new passphrase validation algorithm, which accepts the most common typing mistakes. The proposed algorithm has been implemented in secure hardware and integrated into a standard Unix system. We present the design, implementation and preliminary evaluation of the developed passphrase authentication prototype.
Original languageEnglish
Title of host publicationProceedings of the 2014 Twelfth Annual Conference on Privacy, Security and Trust (PST)
Publication date2014
ISBN (Print)978-1-4799-3503-1
Publication statusPublished - 2014
Event12th Annual Conference on Privacy, Security and Trust - Ryerson University, Toronto, Canada
Duration: 23 Jul 201424 Jul 2014
Conference number: 12


Conference12th Annual Conference on Privacy, Security and Trust
LocationRyerson University
Internet address


Dive into the research topics of 'Improving Usability of Passphrase Authentication'. Together they form a unique fingerprint.

Cite this