Password Generators: Old Ideas and New
Fatma AL Maqbali, Chris J Mitchell
TL;DR
This paper introduces a comprehensive model for password generators, evaluates existing schemes, and proposes AutoPass, a new system that aims to improve security and usability by integrating the best features and addressing key shortcomings.
Contribution
It presents the first general model for password generators, enabling objective assessment and guiding the design of improved schemes like AutoPass.
Findings
The model facilitates comparison of existing password generators.
AutoPass incorporates best features and addresses major shortcomings.
The paper provides a framework for future password generator development.
Abstract
This paper considers password generators, i.e. systems designed to generate site-specific passwords on demand. Such systems are an alternative to password managers. Over the last 15 years a range of password generator systems have been described. This paper proposes the first general model for such systems, and critically examines options for instantiating this model; options considered include all those previously proposed as part of existing schemes as well as certain novel possibilities. The model enables a more objective and high-level assessment of the design of such systems; it has also been used to sketch a possible new scheme, AutoPass, intended to incorporate the best features of the prior art whilst also addressing many of the most serious shortcomings of existing systems through the inclusion of novel features.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsUser Authentication and Security Systems · Advanced Malware Detection Techniques