Logo des Repositoriums
 
Workshopbeitrag

Using hash visualization for real-time user-governed password validation

Lade...
Vorschaubild

Volltext URI

Dokumententyp

Text/Workshop Paper

Zusatzinformation

Datum

2019

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

Building upon work by Perrig & Song [21], we propose a novel hash visualization algorithm and examine its usefulness for user-governed password validation in real time. In contrast to network-based password authentication and the best practices for security which have been developed with that paradigm in mind, we are concerned with use cases that require user-governed password validation in nonnetworked untrusted contexts, i.e. to allow a user to verify that they have typed their password correctly without ever storing a record of the correct password between sessions (not even a hash). To that end, we showcase a newly designed hash visualization algorithm named MosaicVisualHash and describe how hash visualization algorithms can be used to perform user-governed password validation. We also provide a set of design recommendations for systems where hash visualization for password validation is performed in real time, i.e. as the user is in the process of typing their password.

Beschreibung

Fietkau, Julian; Balthasar, Mandy (2019): Using hash visualization for real-time user-governed password validation. Mensch und Computer 2019 - Workshopband. DOI: 10.18420/muc2019-ws-302-04. Bonn: Gesellschaft für Informatik e.V.. MCI-WS08: 5. Usable Security und Privacy Workshop. Hamburg. 8.-11. September 2019

Zitierform

Tags