Abstract
We can’t go much further in this book without discussing passwords. I hate passwords. I hate them with a passion. And I know I’m not alone. But despite a lot of new-fangled technology, I’m here to tell you that they’re still your best option for authentication, particularly if you use them correctly. By the time you finish this chapter, you’ll know everything you need to know.
Notes
- 1.
- 2. According to SplashData: www.splashdata.com
- 3. Special thanks to Steve Gibson’s excellent website for these figures: https://www.grc.com/haystack.htm
- 4. Security people sometimes cheekily refer to these as “something you forget, something you lose, or something you cease to be.”
- 5. Most people attribute this to a 2004 policy written for the National Institute of Standards and Technology by a guy named Bill Burr. He got it from a whitepaper from the 1980s! He’s since apologized for this and NIST has removed this from their security recommendations.
- 6. Officially, this is called time-based one-time password, or TOTP. Seems to me that this acronym is missing a “B”, but no one asked me for my input.
Copyright information
© 2020 Carey Parker
About this chapter
Cite this chapter
Parker, C. (2020). Passwords. In: Firewalls Don't Stop Dragons. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6189-7_4
DOI: https://doi.org/10.1007/978-1-4842-6189-7_4
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-6188-0
Online ISBN: 978-1-4842-6189-7
eBook Packages: Professional and Applied Computing; Professional and Applied Computing (R0); Apress Access Books