Improving Usability of Passphrase Authentication

Glen Nielsen, Michael Vedel, Christian D. Jensen

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

The combination of user-names and passwords has become the predominant method of user authentication in computer systems. Most users have multiple accounts on different systems, which impose different constraints on the length and complexity of passwords that the user is allowed to select. This is done to ensure an appropriate degree of security, but instead, it makes it difficult for users to remember their password, which results in passwords that are either insecure, but easy to remember, or written down on paper. In this paper we address the problem of usability in user authentication.We promote the use of passphrases, which provide better security and are often easier to remember than passwords. Passphrases will be significantly longer than passwords, which makes them more difficult to enter correctly on a keyboard. We solve this problem by proposing a new passphrase validation algorithm, which accepts the most common typing mistakes. The proposed algorithm has been implemented in secure hardware and integrated into a standard Unix system. We present the design, implementation and preliminary evaluation of the developed passphrase authentication prototype.
Original languageEnglish
Title of host publicationProceedings of the 2014 Twelfth Annual Conference on Privacy, Security and Trust (PST)
PublisherIEEE
Publication date2014
Pages189-198
ISBN (Print)978-1-4799-3503-1
Publication statusPublished - 2014
Event12th Annual Conference on Privacy, Security and Trust - Ryerson University, Toronto, Canada
Duration: 23 Jul 201424 Jul 2014
Conference number: 12
https://www.ieee.org/conferences_events/conferences/conferencedetails/index.html?Conf_ID=33023

Conference

Conference12th Annual Conference on Privacy, Security and Trust
Number12
LocationRyerson University
Country/TerritoryCanada
CityToronto
Period23/07/201424/07/2014
Internet address

Fingerprint

Dive into the research topics of 'Improving Usability of Passphrase Authentication'. Together they form a unique fingerprint.

Cite this