Publication | Closed Access
Comparing passwords, tokens, and biometrics for user authentication
647
Citations
27
References
2003
Year
Authentication AuthorizationEngineeringUsable SecurityAuthenticator CombinationsInformation SecurityBiometricsIdentity-based SecurityAuthenticationSecurityInformation ForensicsUser AuthenticationComputer ScienceCompromise DetectionAuthentication Access ControlAuthentication ProtocolData SecurityCryptography
Passwords have long been the standard for computer authentication, but the growing need to remember more complex passwords has highlighted the necessity for more convenient and secure authentication solutions. The study aims to compare passwords, security tokens, and biometrics—collectively called authenticators—and to provide a comprehensive overview for evaluating options and identifying research gaps. The authors assess each authenticator’s resistance to various attacks, its suitability for security requirements such as compromise detection and nonrepudiation, and illustrate tradeoffs through examples of combination protocols.
For decades, the password has been the standard means for user authentication on computers. However, as users are required to remember more, longer, and changing passwords, it is evident that a more convenient and secure solution to user authentication is necessary. This paper examines passwords, security tokens, and biometrics-which we collectively call authenticators-and compares these authenticators and their combinations. We examine their effectiveness against several attacks and suitability for particular security specifications such as compromise detection and nonrepudiation. Examples of authenticator combinations and protocols are described to show tradeoffs and solutions that meet chosen, practical requirements. The paper endeavors to offer a comprehensive picture of user authentication solutions for the purposes of evaluating options for use and identifying deficiencies requiring further research.
| Year | Citations | |
|---|---|---|
Page 1
Page 1