The IT Law Wiki

Password-only authentication

32,068pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Password-only authentication is a security process that relies solely on a password to prevent unauthorized access to a system.

Overview Edit

"The primary advantage of password-only authentication is that it can be implemented entirely in software, thus avoiding the cost of special purpose authentication hardware. However, password systems have a number of disadvantages in practice which restrict their use to applications with minimal security requirements, or situations where password management can be strictly controlled. Password based authentication is most effective when combined with other authentication techniques."[1]

"A number of factors affect the security of a system which relies on passwords for authentication. These factors include the composition, length, lifetime, source, ownership, distribution, storage, entry, transmission, and authentication period of the passwords."[2]

References Edit

  1. FIPS 191, §3.1.
  2. Id. §3.2.

Also on Fandom

Random Wiki