Next: Biometric Checks
Up: Identifying Users
Previous: Physical Keys
A password is a sequence of characters which is a shared secret
between the user and system. Passwords are usually stored on
the system in a user-inaccessible location, or are stored in
an encrypted form.
Password present a variety of risks:
These risks led system architects to search for other identification
methods, including biometric checks.
- passwords can be guessed, shared, written down, or forgotten;
- passwords can be stolen by observation;
- passwords tend not to be changed very often,
and if they are, are more readily forgotten;
- passwords in plaintext are passed over the network,
or are stored in publicly readable locations on the system.
- encrypted passwords are often publicly readable, making them
susceptible to cryptographic analysis.
- short passwords can be found via brute-force methods
Fri Oct 7 16:17:21 EDT 1994