E. H. Spafford. OPUS: Preventing Weak Password Choices. Computers and Security, 11:273--278, 1992.
.... security by selecting good passwords, such as user education, program controlled password generation and reactive password checking (i.e. system administrators periodically run password cracking programs to search weak passwords), proactive password checking has been widely regarded as the best [2, 3, 6, 11]. In 1999, Wu [13] reported a password experiment done in a Kerberos setting where a proactive password checker was used. Wu recommended strong password authentication protocols such as EKE [1], SRP [12] as an alternative approach to improving password security, since the checker appeared not to ....
....and they only worked efficiently when the dictionary file was of a modest size. Researchers have been looking for good algorithms that could achieve both fast checking speed and effective dictionary compression at the same time. For example, Spafford used Bloom filters [4] in his OPUS system [11]. Davies and Ganesan used trigrams and a Markov model in their BApasswd [5]. The state of the art of proactive password checking is ProCheck [2, 3], which uses decision tree techniques to achieve high dictionary compression (up to 1000:1) as well as a fast checking speed. In its current ....
E. H. Spafford. OPUS: Preventing Weak Password Choices, Computers and Security 11(3), pp. 273-278, 1992
.... secure communications like in Kerberos [11,12] or the Ω service [14] using the Rampart toolkit [13]. Also as an independent topic, many schemes for the password management have been suggested in various viewpoints such as one time password challenge-response [1,4,7,9,15], weak password protection [2,3,6,16], or password hash encryption methods [5,8]. The above literature shows that the password management scheme can be strengthened via various ways, and that, on the other hand, the conventional scheme needs stronger security. Some schemes have a big complexity and require system wide modification, ....
E. H. Spafford. OPUS: Preventing weak password choices. Computers & Security, 11(4):273--278, 1992.
....administrators (and increasingly ordinary users who are worried) try to add these words as soon as possible to their list of forbidden passwords. There have been suggestions of a national bank sort of a super dictionary that will be updated regularly and distributed through the Internet [Sp92]. With the increased efficiency of encrypting, and thus guessing, it is now possible to guess millions of words in a reasonably short .... 1 Supported in part by an NSF Presidential Young Investigator Award (grant DCR 8451397) with matching funds from AT&T, and ....
....below, because many more passwords can now be guessed in a short time. Surprisingly the idea of enforcing the use of nonalphanumeric characters (and checking the passwords only against a relatively small dictionary containing only phrases with non alphanumeric characters) is not mentioned in [Sp92], which concentrates entirely on checking passwords against a large dictionary. This idea is quite common. It is easier to verify that a password contains a special character than it is to check the password against a large dictionary; it is easier for the users to generate a password they can ....
Spafford, E. H., "Opus: Preventing Weak Password Choices," Computers & Security, 11 (May 1992), pp. 273-278.
....try themselves to crack passwords on a regular basis, and inform users whose passwords are broken to change it. This state of affairs has generated a race to collect bigger and bigger dictionaries, and to update them all the time with names in the news, phrases, new categories, etc. [Sp92]. Accounts of this race have even reached the popular press [Ha91]. It's not clear who is winning this race, but it is clear that it is a tough one. System administrators who are not up to date lose to hackers who are. Making sure that no password appears in the dictionary may not be sufficient, ....
Spafford, E. H., "Opus: Preventing Weak Password Choices," Computers & Security, 11 (May 1992), pp. 273-278.
....systems, used worldwide on tens of thousands of computer systems. This tool runs on several dozen varieties of UNIX, and detects scores of configuration and management problems that may lead to security problems. It is still viewed as the standard of its type. Another tool Spaf designed, OPUS, [32, 31] has been experimented with as one of our COAST projects. This system will help prevent users from choosing weak or obvious passwords, yet it will not add to the administrative burdens of the system administrator, nor will it require the megabytes of disk storage that would be required of a ....
Eugene H. Spafford. OPUS: Preventing weak password choices. Computers & Security, 11(3):273--278, May 1992. Available as http://www.cs.purdue.edu/homes/spaf/tech-reps/9128.ps.
....UNIX systems, used worldwide on tens of thousands of computer systems. This tool runs on several dozen varieties of UNIX, and detects scores of configuration and management problems that may lead to security problems. It too is viewed as the standard of its type. Another tool Spaf designed, OPUS, [30, 29] is currently being experimented with as one of our official COAST projects. This tool will help prevent users from choosing weak or obvious passwords, yet it will not add to the administrative burdens of the system administrator, nor will it require the megabytes of disk storage that would be ....
Eugene H. Spafford. OPUS: Preventing weak password choices. Computers & Security, 11(3):273--278, May 1992.
....tool for UNIX systems, used worldwide on tens of thousands of computer systems. This tool runs on over a dozen varieties of UNIX, and detects several score configuration and management problems that may lead to security problems. It too is viewed as the standard of its type. Another tool, OPUS, [25, 24] is currently being designed and experimented with as one of the first COAST projects. This tool will help prevent users from choosing weak or obvious passwords, yet it will not add to the administrative burdens of the system administrator, nor will it require the megabytes of disk storage that ....
Eugene H. Spafford. Opus: Preventing weak password choices. Computers & Security, 11(3):273--278, May 1992.
....The mechanism described has other interesting features, a few of which are described here. 1 Introduction Reusable passwords are a commonly used and well studied method of authentication [25]. A unique sequence of characters is presented to the system when identification is needed. This sequence is then compared with a stored sequence, perhaps after some transformation (e.g. encryption). A match provides the proof of identity. Passwords are commonly used because they are usually inexpensive to implement and administer, and because .... (Footnote: Versions of this paper have appeared as [23] and [24].)
Eugene H. Spafford. Opus: Preventing weak password choices. Computers & Security, 11(3):273--278, 1992.
....Bloom filter. If a match is found, the choice is rejected. OPUS can be integrated with other mechanisms, like Kerberos, and may be configured to support password aging as part of its design. Details of the structure of OPUS are not the main focus of this paper; the interested reader may refer to [12] for further design details. To properly evaluate an implementation of OPUS, it will be necessary to check its behavior against a large body of actual user passwords. These passwords must be typical of those of a real user population that OPUS is intended to support, and they must furthermore not ....
Eugene H. Spafford. Opus: Preventing weak password choices. Computers & Security, 11(3):273--278, 1992.
No context found.
E. H. Spafford. OPUS: Preventing Weak Password Choices. Computers and Security, 11:273--278, 1992.
No context found.
Eugene Spafford. 1992. "OPUS: Preventing weak password choices." Computers & Security 11, No. 2. Elsevier.
CiteSeer.IST - Copyright Penn State and NEC