Interdisciplinary Research Group in Socio-technical Cybersecurity
A Protocol to Strengthen Password-Based Authentication
We discuss a password-based authentication protocol that we argue to be robust against password-guessing and o-line dictionary attacks. The core idea is to hash the passwords with a seed that comes from an OTP device, making the resulting identity token unpredictable for an adversary. We believe that the usability of this new protocol is the same as that of password-based methods with OTP, but has the advantage of not burdening users with having to choose strong passwords.
Get in touch with us
SnT – Interdisciplinary Centre for Security, Reliability and Trust
29, Avenue J.F Kennedy L-1855 Luxembourg