Renaud, K., Kennes, D., van Niekerk, J. and Maguire, J. (2013) SNIPPET: Genuine Knowledge-Based Authentication. In: 12th Annual Conference on Information Security South Africa, Johannesburg, South Africa, 14-16 Aug 2013, pp. 1-8. (doi: 10.1109/ISSA.2013.6641059)
Full text not currently available from Enlighten.
Abstract
Authentication is traditionally performed based on what you know, what you hold or what you are. The first is the most popular, in the form of the password. This is often referred to as “knowledge-based” authentication. Yet, given the guidelines for password restrictions commonly given to end-users we will argue that this is a misnomer. A strong password is actually a lengthy string of gibberish or nonsense. Common password strength guidelines advise users against choosing meaningful passwords.
Item Type: | Conference Proceedings |
---|---|
Status: | Published |
Refereed: | Yes |
Glasgow Author(s) Enlighten ID: | Renaud, Professor Karen and Maguire, Dr Joseph |
Authors: | Renaud, K., Kennes, D., van Niekerk, J., and Maguire, J. |
College/School: | College of Science and Engineering > School of Computing Science |
Research Group: | Human-centred Security Research Group |
University Staff: Request a correction | Enlighten Editors: Update this record