1 Public Works and Government Services Canada / Travaux publics et Services gouvernementaux Canada
Password Management for Multiple Accounts: Some Security and Usability Considerations
Mike Just
DIMACS Workshop on Usable Privacy and Security Software, 7 July 2004

2 Agenda
- Introduction
- Background: Password for One Account
- Passwords for Multiple Accounts
- Further Thoughts

3 Introduction
- Premise: passwords are already too secure
- Several conditions lead to an unusable or intolerable environment for users
- Password conditions
  - For a single password: password rules, length, ...
  - For multiple passwords across several accounts: the distinctiveness requirement/recommendation
- How can usability be improved while retaining an acceptable level of risk?

4 Password for One Account
- Usability considerations
  - Password length, e.g. 4-8 characters
  - Password construction, e.g. 1 letter, 1 number, ...
  - Password entering, e.g. allowed attempts
  - Password management, e.g. update
- Attack considerations
  - Offline attacks
  - Online attacks

5 Password for One Account
- Offline attack
  - Encryption of password images (the stored, password-derived verifier)
  - Distribution of password images, cf. Ford/Kaliski: the image is split across several servers so that compromising one server does not yield a value that can be attacked offline
- Online attacks
  - Password rules
  - Account lockout
  - Reverse Turing Tests (CAPTCHA)
- But you also have to consider social engineering (e.g. phishing) attacks or other attacks directed at the user rather than at the account system

6 Password for One Account
- Enhance with "something you have"
  - One-time passwords
  - Hard tokens, e.g. SecurID, smart card
- In most cases this requires a different "something you have" for each account
  - Typically issued and managed through the information provider
  - Compounds the password usability issues across each account

7 Passwords for Multiple Accounts
- Consider a user with multiple accounts, each requiring password authentication
- Traditional wisdom dictates a distinct password for each account
- Is this necessary? Why or why not?

8 Passwords for Multiple Accounts
- Distinctness is usually a recommendation rather than a mandatory requirement
  - Different accounts are managed by different authorities
- Distinct versus independent passwords
  - Independent passwords are difficult to enforce, for the reason above
  - Even within a single authority, password values are not typically compared across a user's accounts
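Within a single authority, the comparison the slide says is "not typically" done is feasible at password-set time, because that is the one moment the authority holds the candidate in plaintext. The following Python is an added example, not code from the presentation or from PWGSC; it assumes a hypothetical per-user store of accounts whose password images are PBKDF2-HMAC-SHA256 with a per-account salt, and an ITERATIONS work factor picked for illustration. It also shows why the stored images cannot simply be compared with each other: with distinct salts, the same password produces different images at each account, so distinctness can only be checked by re-deriving the candidate under every other account's salt.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed work factor for this example; a deployment tunes it to its
# hardware (or uses a memory-hard KDF instead).
ITERATIONS = 100_000


def derive(password: str, salt: bytes) -> bytes:
    """Password image: PBKDF2-HMAC-SHA256 of the password under a per-account salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_account(password: str) -> dict:
    """Stored record for one account: a fresh random salt plus the image."""
    salt = os.urandom(16)
    return {"salt": salt, "image": derive(password, salt)}


def verify(account: dict, password: str) -> bool:
    """Constant-time check of a candidate against one account's stored image."""
    return hmac.compare_digest(derive(password, account["salt"]), account["image"])


def reused_in(user_accounts: dict, candidate: str, exclude: Optional[str] = None) -> list:
    """Names of the user's other accounts whose password equals the candidate.

    Stored images cannot be compared directly (different salts), so the
    candidate is re-derived under each account's salt: one KDF evaluation
    per account, which is the price of enforcing distinctness.
    """
    return [name for name, acct in user_accounts.items()
            if name != exclude and verify(acct, candidate)]


def set_password(user_accounts: dict, name: str, candidate: str) -> bool:
    """Set or change the password for `name`, refusing a value already in use
    at another of this user's accounts under the same authority."""
    if reused_in(user_accounts, candidate, exclude=name):
        return False
    user_accounts[name] = make_account(candidate)
    return True


if __name__ == "__main__":
    # Constructed sample data, not real accounts.
    accounts = {
        "payroll": make_account("correct horse"),
        "cafeteria": make_account("battery staple"),
    }
    print(set_password(accounts, "library", "correct horse"))   # refused: reused from payroll
    print(set_password(accounts, "library", "fresh phrase 7"))  # accepted
```

The check costs one full KDF evaluation per sibling account, so an authority with many accounts per user pays for distinctness in login-server CPU; that, plus the fact that the check is only possible while the plaintext is in hand, is why it is rarely done.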

9 Passwords for Multiple Accounts
- When might the same password be used at different accounts?
- A risk management decision
- Some considerations
  1. Type of attack(s)
  2. Typical behaviour of the account user
  3. Account security or risk
  4. Additional authentication factors

10 Passwords for Multiple Accounts: Type of Attack(s)
- Consider online attacks
  - Though social engineering attacks remain a concern
- Random versus targeted attacks
  - Random: an attack to compromise any account
  - Targeted: an attack to compromise a specific account
- Targeted attacks might be discouraged with a number of security measures
  - Account lockout after some number of login attempts
  - Login monitoring systems to detect persistent failed attempts against one account
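To make the two measures on this slide concrete, here is an added example (not code from the presentation) that runs a per-account lockout and a per-source login monitor over constructed login records; the record format, the field names and both thresholds are assumptions made for the illustration. It also shows the limit of the per-account measures: a random attack that tries one guess against each of many accounts never reaches a per-account counter's threshold, so only the per-source view detects it, whereas the targeted attack against a single account is stopped by lockout.

```python
import re
from collections import Counter, defaultdict

# Constructed sample login records (not from any real system). Assumed format:
#   <time> <FAIL|OK> user=<account> src=<source address>
# 203.0.113.7 hammers one account (targeted); 198.51.100.9 tries one guess
# against each of many accounts (random) and happens to succeed on "grace".
SAMPLE_LOG = """\
10:00:01 FAIL user=alice src=203.0.113.7
10:00:02 FAIL user=alice src=203.0.113.7
10:00:03 FAIL user=alice src=203.0.113.7
10:00:04 FAIL user=alice src=203.0.113.7
10:00:05 FAIL user=alice src=203.0.113.7
10:00:06 FAIL user=alice src=203.0.113.7
10:00:10 FAIL user=bob src=198.51.100.9
10:00:11 FAIL user=carol src=198.51.100.9
10:00:12 FAIL user=dave src=198.51.100.9
10:00:13 FAIL user=erin src=198.51.100.9
10:00:14 FAIL user=frank src=198.51.100.9
10:00:15 OK user=grace src=198.51.100.9
10:00:20 FAIL user=heidi src=192.0.2.5
10:00:21 OK user=heidi src=192.0.2.5
"""

LINE = re.compile(r"^(\S+) (FAIL|OK) user=(\S+) src=(\S+)$")
LOCKOUT_THRESHOLD = 5   # assumed: consecutive failures before an account is locked
SPRAY_THRESHOLD = 5     # assumed: distinct accounts attempted from one source


def parse(log: str):
    """Yield (time, result, user, src) for every well-formed record; skip the rest."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            yield m.groups()


def analyse(log: str) -> dict:
    consecutive = Counter()              # failures since the last success, per account
    locked = set()                       # accounts that reached LOCKOUT_THRESHOLD
    accounts_per_src = defaultdict(set)  # distinct accounts each source has touched
    successes = []
    for _, result, user, src in parse(log):
        accounts_per_src[src].add(user)
        if user in locked:
            continue  # lockout: an attempt against a locked account is refused outright
        if result == "FAIL":
            consecutive[user] += 1
            if consecutive[user] >= LOCKOUT_THRESHOLD:
                locked.add(user)
        else:
            consecutive[user] = 0
            successes.append((user, src))
    # Per-source monitoring: one source touching many distinct accounts is the
    # signature of a random attack, which per-account counters never see.
    sprayers = {src for src, users in accounts_per_src.items() if len(users) >= SPRAY_THRESHOLD}
    spray_successes = [(u, s) for u, s in successes if s in sprayers]
    return {"locked": locked, "sprayers": sprayers,
            "spray_successes": spray_successes, "counts": dict(consecutive)}


if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

On the sample records, "alice" is locked after five failures and the sixth attempt is refused, but every account hit by 198.51.100.9 shows at most one failure, so the successful login to "grace" is only flagged because the source is seen touching six different accounts.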

11 Passwords for Multiple Accounts: Type of Attack(s)
- Assuming that random attacks occur most often, the likelihood of the attack being extended to other account systems (for the same compromised user) may be low
  - Is there much motivation to attack that same user at a different account system?
  - The attacker would have to know the location of the other account systems where the same user is registered
  - The attacker would have to know the account names
- So password re-use might be acceptable in some cases

12 Passwords for Multiple Accounts: User Behaviour
- A "separation" between multiple accounts based on user behaviour
  1. Consistently accessing accounts from different locations
     - Often forced today, e.g. no personal account access from work
  2. Distinct account identifiers
     - Create account separation, but also confusion
  3. Physical and digital separation of the account information regarding multiple accounts
     - Can reduce the risk of multiple-account compromise

13 Passwords for Multiple Accounts: Account Security or Risk
- An often-cited reason for distinct passwords
  - Work account versus magazine subscription
- Don't create a "weak link" by using the password of a high-risk account at an account that may not have similar security protections
- The previous conditions may help reduce this risk

14 Passwords for Multiple Accounts: Additional Authentication Factors
- Multiple authentication factors should be independent
  - Compromise of one should not increase the likelihood of compromising the other
- Similarly, using the same password across multiple accounts, each with a different secondary authentication factor, introduces additional risk
  - Compromising the password at account A and the token for account B shouldn't allow compromise of either account
  - But if the passwords for A and B are the same...
- However, such additional risk may be tolerable

15 Passwords for Multiple Accounts: Summary
- Some potential for password re-use
- Attack type
  - Increase protection against targeted attacks
- User behaviour
  - Separate behavioural patterns and records
- Account security or risk
  - Ensure separation amongst different account risk groups
  - But, based on the factors above, this might be lessened somewhat
- Additional authentication factors
  - Reduce the potential burden where an additional factor is in use

16 Further Thoughts
- What about the necessity of password updates?
  - Multiple passwords over time, as opposed to over space
  - Memorize the new one, forget the old one
  - Are other protections sufficient, e.g. showing "Last login time:"?
- What about the necessity of strict password rules?
  - 1 uppercase, 1 special character, ...
  - Can the risks of random or targeted online attacks be sufficiently mitigated?
  - Do additional factors allow for leniency?

17 Contact Information
Mike Just
Public Works and Government Services Canada (PWGSC)
mike.just@pwgsc.gc.ca
+1–613–952–6031
Carleton University, School of Computer Science
http://www.scs.carleton.ca/~just/
