Open sesame: Lessons in password-based user authentication

Bahman Rashidi and Vaibhav Garg
Additional contact information
Bahman Rashidi: Comcast Cable, USA
Vaibhav Garg: Comcast Cable, USA

Cyber Security: A Peer-Reviewed Journal, 2021, vol. 4, issue 4, 317-329

Abstract: The cost of unusable password policies in the wild is well documented. These costs impinge both business and security. The alternative is to move to multi-factor and risk-based authentication, which include software authenticators, hardware tokens, and biometrics. This paper provides an overview of the research in this area and concludes with guidance on how to best leverage password-based authentication. We recommend that designers should only implement efforts backed by empirical evidence, offer solutions to reduce user effort, and use compensating controls to address the underlying limitations of passwords.

Keywords: passwords; biometrics; 2FA; MFA; authentication (search for similar items in EconPapers)
JEL-codes: M15 (search for similar items in EconPapers)
Date: 2021
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/6343/download/ (application/pdf)
https://hstalks.com/article/6343/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2021:v:4:i:4:p:317-329

Access Statistics for this article

More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().