What I've learned about passwords, and why they aren't going away

Location: MTV - 10 Forward

0.5× 1.5×

Duration: 1 hour 10 minutes

Joseph Bonneau surveys the past few years of research, including his own recent PhD work, on human-computer authentication and passwords in particular, as well as some perspective from his consulting work trying to fix password deployments. While passwords have been derided for decades, a few interesting trends have driven recent research: the availability of massive data sets to analyze human-chosen passwords, the increasing deployment of mobile phones capable of acting as a second authentication factor, and renewed efforts to deploy client-side certificates. Dr. Bonneau argues that passwords will remain with us for the next decade, but the number of organizations deploying passwords will gradually decrease to only a few tech giants. He expects major implications both for how passwords are deployed and how identity works on the web.

Tags: security, passwords, security research

Channels: Main

Additional links:

Views since archived: 503