Client-Server Password Recovery (Extended Abstract)

Details Client-Server Password Recovery (Extended Abstract) Client-Server Password Recovery (Extended Abstract)

2009-06-25

arxiv.org/abs/0906.4668v1

Computer Science

Cryptography and Security

Scientific paper

Human memory is not perfect - people constantly memorize new facts and forget old ones. One example is forgetting a password, a common problem raised at IT help desks. We present several protocols that allow a user to automatically recover a password from a server using partial knowledge of the password. These protocols can be easily adapted to the personal entropy setting, where a user can recover a password only if he can answer a large enough subset of personal questions. We introduce client-server password recovery methods, in which the recovery data are stored at the server, and the recovery procedures are integrated into the login procedures. These methods apply to two of the most common types of password based authentication systems. The security of these solutions is significantly better than the security of presently proposed password recovery schemes. Our protocols are based on a variation of threshold encryption that may be of independent interest.

Affiliated with

Also associated with

No associations

Rating

Client-Server Password Recovery (Extended Abstract) does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Client-Server Password Recovery (Extended Abstract), we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Client-Server Password Recovery (Extended Abstract) will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-537351