Uninformed: Informative Information for the Uninformed

Vol all» Archive

Next: Contents   Contents

Mnemonic Password Formulas

Remembering Secure Passwords

May, 2007

I)ruid, C$ ^2$ ISSP
$ <$ druid@caughq.org$ >$


The current information technology landscape is cluttered with a large number of information systems that each have their own individual authentication schemes. Even with single sign-on and multi-system authentication methods, systems within disparate management domains are likely to be utilized by users of various levels of involvement within the landscape as a whole. Due to this complexity and the abundance of authentication requirements, many users are required to manage numerous credentials across various systems. This has given rise to many different insecurities relating to the selection and management of passwords. This paper details a subset of issues facing users and managers of authentication systems involving passwords, discusses current approaches to mitigating those issues, and finally introduces a new method for password management and recalls termed Mnemonic Password Formulas.