Passwords: If We're So Smart, Why Are We Still Using Them?

Cormac Herley, P.C. van Oorschot, and Andrew S. Patrick

Abstract

While a lot has changed in Internet security in the last 10

years, a lot has stayed the same – such as the use of alphanumeric

passwords. Passwords remain the dominant means of authentication on the

Internet, even in the face of significant problems related to password

forgetting and theft. In fact, despite large numbers of proposed alternatives,

we must remember more passwords than ever before. Why is this? Will

alphanumeric passwords still be ubiquitous in 2019, or will adoption of

alternative proposals be commonplace? What must happen in order to move

beyond passwords?

This note pursues these questions, following a panel discussion at Financial Cryptography

and Data Security 2009.

Details

Publication typeArticle
Published inProc. Financial Crypto
PublisherAssociation for Computing Machinery, Inc.
> Publications > Passwords: If We're So Smart, Why Are We Still Using Them?