A Proactive Password Checker
- M. Bishop, “A Proactive Password Checker”, Technical Report PCS-TR90-152, Dept. of Computer Science, Dartmouth College, Hanover, NH 03755 (June 1990).
Password selection has long been a difficult issue; traditionally, passwords are either assigned by the computer or chosen by the user. When the computer does the assignments, the passwords are often hard to remember; when the User makes the selection, the passwords are often easy to guess. This paper describes a technique, and a mechanism, to allow users to select passwords which to them are easy to remember but to others would be very difficult to guess. The technique is site, user, and group configurable, and allows rapid changing of constraints impossed upon the passwords. Although experience with this technique has been limited, it appears to have much promise.