Informative Information for the Uninformed | ||||||||||||||
|
||||||||||||||
Mnemonic Password Formulas
Remembering Secure Passwords
May, 2007
I)ruid, C ISSP druid@caughq.org http://druid.caughq.org
Abstract:
The current information technology landscape is cluttered with a large
number of information systems that each have their own individual
authentication schemes. Even with single sign-on and multi-system
authentication methods, systems within disparate management domains
are likely to be utilized by users of various levels of involvement
within the landscape as a whole. Due to this complexity and the
abundance of authentication requirements, many users are required to
manage numerous credentials across various systems. This has given rise to
many different insecurities relating to the selection and management of
passwords. This paper details a subset of issues facing users and managers of
authentication systems involving passwords, discusses current approaches to
mitigating those issues, and finally introduces a new method for password
management and recalls termed Mnemonic Password Formulas.
|