Sciweavers

SOUPS
2006
ACM

Passpet: convenient password management and phishing protection

14 years 4 months ago
Passpet: convenient password management and phishing protection
We describe Passpet, a tool that improves both the convenience and security of website logins through a combination of techniques. Password hashing helps users manage multiple accounts by turning a single memorized password into a different password for each account. User-assigned site labels (petnames) help users securely identify sites in the face of determined attempts at impersonation (phishing). Password-strengthening measures defend against dictionary attacks. Customizing the user interface defends against user-interface spoofing attacks. We propose new improvements to these techniques, discuss how they are integrated into a single tool, and compare Passpet to other solutions for managing passwords and preventing phishing. Categories and Subject Descriptors C.2.0 [Computer-Communication Networks]: General—Security and protection; H.3.5 [Information Storage and Retrieval]: Online Information Services— Web-based services; H.4.3 [Information Systems Applications]: Communicati...
Ka-Ping Yee, Kragen Sitaker
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where SOUPS
Authors Ka-Ping Yee, Kragen Sitaker
Comments (0)