TY - CONF JO - Compcon Spring '91. Digest of Papers TI - Password management T2 - Compcon Spring '91. Digest of Papers IS - SN - VO - SP - 167 EP - 169 AU - Bishop, M. Y1 - 25 Feb-1 Mar 1991 PY - 1991 KW - security of data KW - computer system KW - password management KW - password selection KW - security VL - JA - Compcon Spring '91. Digest of Papers DOI - 10.1109/CMPCON.1991.128801 AB - Problems of password selection and password management are discussed. Using a simple yet powerful model, the author describes ways to select passwords and identifies two techniques of hindering the compromise of a system by guarding the information and algorithms used to validate user passwords. It is pointed out that obtaining access to a system, or to resources on the system, is the first step in attacking the system. Penetration by obtaining, or guessing, a password is a time-honored, and extremely effective, technique for gaining such access; thus, a firm understanding of passwords, their uses, and techniques for password management are essential to the security of any computer system. ER -