Why Autocorrect for Passwords Is a Great Idea

https://www.technologyreview.com/s/601451/why-autocorrect-for-passwords-is-a-great-idea/

Autocorrect for passwords looks like a bad idea at first sight. But turns out that  it is actually a good idea when done properly!

1 Comment

  1. Tomi Engdahl says:

    Password Autocorrect Without Compromising Security
    https://tech.slashdot.org/story/16/06/07/0454252/password-autocorrect-without-compromising-security

    Intuitively, auto-correcting passwords would seem to be a terrible idea, and the worst security-for-convenience tradeoff in technology history. But a team of academics from Cornell University, MIT and a Dropbox security engineer say that the degradation of security from the introduction of such an authentication mechanism is negligible.

    presented their findings in a paper called “pASSWORD tYPOS and How to Correct Them Securely” at the recent IEEE Symposium on Security and Privacy. The paper describes a framework for what the team calls typo-tolerant passwords that significantly enhances usability without compromising security.

    pASSWORD tYPOS and
    How to Correct Them Securely
    http://www.ieee-security.org/TC/SP2016/papers/0824a799.pdf

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*