Password Management

Citation

• M. Bishop, “Password Management,” Proceedings of Compcom Spring ’91: Digest of Papers pp. 167–169 (Feb. 1991).

Paper

• Publisher’s version (behind a paywall; contact the author for a copy)
• PDF
• PS

Bibliographic Information

• DOI: 10.1109/CMPCON.1991.128801
• BibTeX
• EndNote

Abstract

Problems of password selection and password management are discussed. Using a simple yet powerful model, the author describes ways to select passwords and identifies two techniques of hindering the compromise of a system by guarding the information and algorithms used to validate user passwords. It is pointed out that obtaining access to a system, or to resources on the system, is the first step in attacking the system. Penetration by obtaining, or guessing, a password is a time-honored, and extremely effective, technique for gaining such access; thus, a firm understanding of passwords, their uses, and techniques for password management are essential to the security of any computer system.

Copyright Notice

©1991 by IEEE. The definitive version was published in Proceedings of Compcom Spring ’91: Digest of Papers, Feb. 1991.