Seminar: Towards More Secure and Usable Text Passwords

Date: October 20, 2014
Talk Title: Towards More Secure and Usable Text Passwords
Speaker: Lujo Bauer
Time & Location: 12:00pm - 1:00pm
CIC Building, Pittsburgh


Despite numerous shortcomings and attacks, text-based passwords remain the dominant authentication method in computer systems. For several years, we've been studying how to help users create passwords that are hard for attackers to crack, but are still easy to remember and use. We developed a data-collection and analysis methodology that allowed us to study the strength and usability properties of passwords created by over 40,000 online study participants. Using this methodology, we explored the effectiveness of password-composition policies, password-strength meters, and detailed and step-by-step feedback and guidance during password creation. In this talk I'll give a broad overview of our progress, focusing on more recent results.

Speaker Bio

Lujo Bauer is an Associate Professor in the Electrical and Computer Engineering Department and in the Institute for Software Research at Carnegie Mellon University. 

Dr. Bauer's research interests span many areas of computer security and privacy, and include building usable access-control systems with sound theoretical underpinnings, developing languages and systems for run-time enforcement of security policies on programs, and generally narrowing the gap between a formal model and a practical, usable system. His recent work focuses on developing tools and guidance to help users stay safer online.

Dr. Bauer recently served as the program chair for the flagship computer security conferences of the IEEE (S&P 2015) and the Internet Society (NDSS 2014) and is an associate editor of ACM Transactions on Information and System Security.