Sweet Password Security Strategy: Honeywords

A posting from Information Week in their security section: Businesses should seed their password databases with fake passwords and then monitor all login attempts for use of those credentials to detect if hackers have stolen stored user information.

That’s the thinking behind the “honeywords” concept first proposed this month in “Honeywords: Making Password-Cracking Detectable,” a paper written by Ari Juels, chief scientist at security firm RSA, and MIT professor Ronald L. Rivest, who co-invented the RSA algorithm (he’s the “R”).

The term “honeywords” is a play on “honeypot,” which in the information security realm refers to creating fake servers and then learning how attackers attempt to exploit them — in effect, using them to help detect more widespread intrusions inside a network.
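A minimal sketch of the idea, added here as an illustration and not taken from the article or the paper: each account stores the real password hashed alongside decoys, and a login that matches a decoy raises an alarm. The class and field names, the caller-supplied decoys, and keeping the real password's position in a separate store are assumptions of this example.

```python
import hashlib
import hmac
import os
import secrets


def _hash(word: str, salt: bytes) -> bytes:
    # Slow salted hash, as for any stored password.
    return hashlib.pbkdf2_hmac("sha256", word.encode(), salt, 100_000)


class HoneyStore:
    """Hypothetical store: each account holds one real password among decoys."""

    def __init__(self):
        self.credentials = {}  # user -> (salt, hashes): what a database thief would get
        self.real_index = {}   # user -> slot of the real hash; assumed to live on a
                               # separate, hardened system in a deployment
        self.alerts = []       # users whose decoy (honeyword) was submitted

    def register(self, user: str, password: str, decoys: list[str]) -> None:
        if password in decoys or len(set(decoys)) != len(decoys):
            raise ValueError("decoys must be distinct and differ from the password")
        words = decoys + [password]
        secrets.SystemRandom().shuffle(words)  # hide which slot is real
        salt = os.urandom(16)
        self.credentials[user] = (salt, [_hash(w, salt) for w in words])
        self.real_index[user] = words.index(password)

    def login(self, user: str, attempt: str) -> str:
        if user not in self.credentials:
            return "reject"
        salt, hashes = self.credentials[user]
        digest = _hash(attempt, salt)
        hit = [i for i, h in enumerate(hashes) if hmac.compare_digest(digest, h)]
        if not hit:
            return "reject"  # ordinary wrong password
        if hit[0] == self.real_index[user]:
            return "ok"
        # A decoy is known only from the stored table, so its use suggests the table was read.
        self.alerts.append(user)
        return "alarm"


if __name__ == "__main__":
    store = HoneyStore()
    # Constructed sample account and decoys.
    store.register("alice", "tulip-Rain-42", ["tulip-Rain-17", "cedar-Rain-42", "tulip-Snow-42"])
    for attempt in ("tulip-Rain-42", "typo", "cedar-Rain-42"):
        print(attempt, "->", store.login("alice", attempt))
```

The stolen table alone does not reveal which entry is real, so an attacker who cracks the hashes has to guess, and a wrong guess is what the monitoring catches.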
