The Future of Passwords


There are only three things that can be used for authentication: something you know, something you have, or something you are. Combining two or more of these things yields a stronger authentication. Passwords are something you know. Keys are something you have. An access card that requires a PIN combines both something you have and something you know. Reliable and accurate systems to identify something you are, such as fingerprint or handprint scanners, voice identification equipment, or retina scanners, are very expensive and have yet to prove themselves.

The two major security risks to passwords today are password guessing and password snooping. These two risks have made the current UNIX password system suspect, and it is apparent that it will soon be ineffective. The following password methodologies address one or both of these issues.

Computer-generated Passwords

Since the main problem with passwords is that users choose ones that are easy to guess, one approach to improving password security is to use passwords that are created by the computer. Computer-generated passwords render password guessing useless, since the passwords selected by the computer are not found in any dictionary. But that also means that the passwords are difficult for users to remember. So users will usually write down their passwords, opening a door to other types of snooping.

Writing down a password in a "time management system" or in your "pocket computer" may not be much of a security risk, since you will know if your time management system or your pocket computer is lost or stolen and can notify the system managers to change your passwords. However, most users will write down their password on a piece of paper and keep it close at hand near their terminal (in their desk drawer, under the keyboard, stuck to the edge of the terminal monitor), thereby leading to the general consensus that writing down your password is a bad idea.

Pass Phrases

Since the number of possible passwords grows exponentially with the length of the password, some sites have replaced the standard UNIX password system with a system that uses pass phrases. A pass phrase system allows the user to type in a long password where every character must match to be granted access. This allows the user to use a phrase that can be remembered and reduces the success of password guessing.

Challenge-response Systems

Some sites have addressed the issue by having the user answer a series of questions. Then when the user logs in, one of the questions is presented to the user and he must give the matching response to gain access. In this case, if a password is compromised, it opens only a smaller window of vulnerability, since the hacker may receive a challenge that is not the one to which he has the correct response. Generally, these systems will continue to give the same challenge until a correct response is supplied, keeping a hacker from retrying until the challenge he has the response for is presented.

Onetime Passwords

Onetime passwords eliminate the security issues of snooping and password cracking by not using a password more than once. So getting someone's password does not help a hacker get access to the system.

Today, onetime passwords are implemented in one of two ways: either with a book of precomputed passwords that the user carries with him, where the system prompts the user for a specific entry from the book, or through the use of smart cards that compute the next password in the smart card. Outfitting thousands of users with smart cards may be cost-prohibitive.
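The "book of precomputed passwords" approach can be built from a hash chain in the style of S/KEY (Lamport's scheme). This added example is not from the book; it assumes SHA-256 as the one-way function and a constructed seed. The server keeps only the top of the chain, so a snooped password cannot be replayed and a stolen server record does not reveal the next password.

```python
import hashlib
import secrets


def make_chain(seed: bytes, n: int) -> list:
    """Return [h(seed), h(h(seed)), ..., h^n(seed)]; index i holds h^(i+1)."""
    chain, x = [], seed
    for _ in range(n):
        x = hashlib.sha256(x).digest()
        chain.append(x)
    return chain


class OtpServer:
    """Holds h^counter(seed); the next valid password is h^(counter-1)(seed)."""

    def __init__(self, anchor: bytes, counter: int):
        self.anchor, self.counter = anchor, counter

    def prompt(self) -> int:
        return self.counter - 1          # "give me entry #k from your book"

    def verify(self, submitted: bytes) -> bool:
        if self.counter <= 1:            # book exhausted: user must re-enrol
            return False
        if hashlib.sha256(submitted).digest() != self.anchor:
            return False                 # wrong, replayed, or out-of-order entry
        self.anchor, self.counter = submitted, self.counter - 1
        return True


def enrol(n: int = 5, seed: bytes = None):
    """Print entries 1..n-1 for the user's book; give the server only h^n."""
    seed = seed or secrets.token_bytes(32)
    chain = make_chain(seed, n)
    book = {i + 1: chain[i] for i in range(n - 1)}
    return book, OtpServer(chain[n - 1], n)


def demo() -> dict:
    # Constructed seed so the walk-through is reproducible.
    book, server = enrol(n=5, seed=b"constructed demo seed")
    r = {}
    k = server.prompt()                                   # entry 4
    r["first_ok"] = server.verify(book[k])
    r["replay_rejected"] = not server.verify(book[k])     # snooped password reused
    r["next_ok"] = server.verify(book[server.prompt()])   # entry 3
    r["skip_rejected"] = not server.verify(book[1])       # entry out of order
    r["rest_ok"] = server.verify(book[2]) and server.verify(book[1])
    r["exhausted_rejected"] = not server.verify(book[1])  # nothing left in the book
    return r
```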



Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
Year: 2002
Pages: 210
