| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 10341470 | Computers & Security | 2005 | 15 Pages |
Abstract
We introduce query-directed passwords (QDP), an authentication procedure based on questions and answers - where the answers are known, not memorized. QDP is particularly convenient for infrequent use, such as monthly or yearly authentication to seldom-accessed accounts. Applications are described that capitalize on advantages of QDP. One of these is an automated password recovery system where testing showed a reduced use of Help Desk personnel for repeated, forgotten passwords from 20% to 2.7%. We discuss other applications, experimental results, and future research directions.
Keywords
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Lawrence O'Gorman, Amit Bagga, Jon Bentley,