Definition

Private secrets are

items of information that are so intimately associated with an individual or with events in the (human) individual's life that no other person (or few others) would be expected to know about them.[1]

Overview

"The use of private secrets for authentication causes several problems. People resist the use of private secrets for authentication on the grounds that they are private and should not have to be revealed to third parties (even to third parties who wish to authenticate us). Private secrets are rarely completely private.

This leads to another problem: Any item of information that is used as a private secret to authenticate an individual will typically be shared with all the people and organizations that want to authenticate the individual (technical measures exist that could prevent sharing this, but they are not widely used). Each party who authenticates the individual therefore comes to know the information that is supposed to be a private secret, and thus the information becomes less private and less secret as time goes by."[2]

References

  1. Who Goes There?: Authentication Through the Lens of Privacy, at 48.
  2. Id.

