The IT Law Wiki

Synthetic secret

32,068pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Synthetic secrets are

items of information created specifically for the purpose of authentication; they typically have no relation to characteristics of the individual or to events in the (human) individual's life. Passwords are a type of synthetic secret (when used properly) and the classic example of the "something you know" approach to authentication.[1]

Overview Edit

"The principal problem with using a synthetic secret for authentication is that because it is unrelated to the individual's life in any meaningful way, it is often difficult to remember. . . . This problem arises because synthetic secrets that are easy to remember are also usually easy for others to discover or guess.[2]

References Edit

  1. Who Goes There?: Authentication Through the Lens of Privacy, at 48.
  2. Id.

Also on Fandom

Random Wiki