 |
| Research article summary (published 29 Apr 2002): |
Improving computer security for authentication of users: influence of proactive password restrictions.
Full Abstract
Entering a username-password combination is a widely used procedure for identification and authentication in computer systems. However, it is a notoriously weak method, in that the passwords adopted by many users are easy to crack. In an attempt to improve security, proactive password checking may be used, in which passwords must meet several criteria to be more resistant to cracking. In two experiments, we examined the influence of proactive password restrictions on the time that it took to generate an acceptable password and to use it subsequently to long in. The required length was a minimum of five characters in Experiment 1 and eight characters in Experiment 2. In both experiments, one condition had only the length restriction, and the other had additional restrictions. The additional restrictions greatly increased the time it took to generate the password but had only a small effect on the time it took to use it subsequently to long in. For the five-character passwords, 75% were cracked when no other restrictions were imposed, and this was reduced to 33% with the additional restrictions. For the eight-character passwords, 17% were cracked with no other restrictions, and 12.5% with restrictions. The results indicate that increasing the minimum character length reduces crackability and increases security, regardless of whether additional restrictions are imposed.
Learn Faster Today Improve your study skills
Author information
Author/s: Proctor, Robert W (RW); Lien, Mei-Ching (MC); Vu, Kim-Phuong L (KP); Schultz, E Eugene (EE); Salvendy, Gavriel (G);
Affiliation: Department of Psychological Sciences, Purdue University, West Lafayette, IN 47907-1364, USA. proctor(-atsign-)psych.purdue.edu
Journal and publication information
Publication Type: Clinical Trial; Journal Article; Research Support, Non-U.S. Gov't
Journal: Behavior research methods, instruments, & computers : a journal of the Psychonomic Society, Inc (Behav Res Methods Instrum Comput), published in United States. (Language: eng)
Reference: 2002-May; vol 34 (issue 2) : pp 163-9
Dates: Created 2002/07/11; Completed 2002/07/23; Revised 2006/11/15;
PMID: 12109007, status: MEDLINE (last retrieval date: 11/6/2008)
Sourced from the National Library of Medicine. Abstract text and other information may be subject to copyright.
External Links for this article (including full text providers, if available):
Click Electronic Full-text Provider Links to see options for finding the electronic full text links to this article. Note there may be a subscription or fee required for access to the full text. See our FAQ for information on finding FREE full text articles.
This article may also be located in paper journal collections available in many libraries. Use the Journal and Publication Information above to find the full article.
MeSH headings (categories)
This article was linked to the MESH Headings shown below.
Related articles
This article has not been indexed for related articles as yet, however you can still use the live related article search links below.
See a large map of 100+ related articles.