Strengthening Passwords

Strengthening Passwords

Martin Abadi
Digital Equipment Corporation
Systems Research Center

T. Mark A. Lomas
Goldman Sachs International
Information Security Department

Roger Needham
University of Cambridge
Computer Laboratory
and
Microsoft Research

Abstract


Despite their notorious vulnerability, traditional passwords remain important for security. In this paper we describe a method for strengthening passwords. Our method does not require users to memorize or to write down long passwords, and does not rely on smart-cards or other auxiliary hardware. The main cost of our method is that it lengthens the process of checking a password.