https://www.technologyreview.com/s/601451/why-autocorrect-for-passwords-is-a-great-idea/
Autocorrect for passwords looks like a bad idea at first sight. But turns out that it is actually a good idea when done properly!
https://www.technologyreview.com/s/601451/why-autocorrect-for-passwords-is-a-great-idea/
Autocorrect for passwords looks like a bad idea at first sight. But turns out that it is actually a good idea when done properly!
1 Comment
Tomi Engdahl says:
Password Autocorrect Without Compromising Security
https://tech.slashdot.org/story/16/06/07/0454252/password-autocorrect-without-compromising-security
Intuitively, auto-correcting passwords would seem to be a terrible idea, and the worst security-for-convenience tradeoff in technology history. But a team of academics from Cornell University, MIT and a Dropbox security engineer say that the degradation of security from the introduction of such an authentication mechanism is negligible.
presented their findings in a paper called “pASSWORD tYPOS and How to Correct Them Securely” at the recent IEEE Symposium on Security and Privacy. The paper describes a framework for what the team calls typo-tolerant passwords that significantly enhances usability without compromising security.
pASSWORD tYPOS and
How to Correct Them Securely
http://www.ieee-security.org/TC/SP2016/papers/0824a799.pdf