SRC Technical Note 1997-033

Strengthening Passwords

Martin Abadi, T. Mark A. Lomas, and Roger Needham

Note #1997-033, September 4, 1997 (with minor revisions on December 16, 1997)

Despite their notorious vulnerability, traditional passwords remain important for security. In this paper we describe a method for strengthening passwords. Our method does not require users to memorize or to write down long passwords, and does not rely on smart-cards or other auxiliary hardware. The main cost of our method is that it lengthens the process of checking a password.

Back to the SRC Technical Notes main page.

Download note as:

PostScript compressed with UNIX compress -- 74 Kbytes
PostScript compressed with GNU compress (gzip) -- 64 Kbytes
PostScript compressed with ZIP -- 64 Kbytes
PostScript -- 153 Kbytes
Portable Document Format (PDF) -- 42 Kbytes
Hypertext (HTML)