Password hardening based on keystroke dynamics

Fabian Monrose, Michael K. Reiter, Susanne Wetzel

Research output: Contribution to conferencePaperpeer-review

212 Scopus citations

Abstract

We present a novel approach to improving the security of passwords. In our approach, the legitimate user's typing patterns (e.g., durations of keystrokes, and latencies between keystrokes) are combined with the user's password to generate a hardened password that is convincingly more secure than conventional passwords against both online and offline attackers. In addition, our scheme automatically adapts to gradual changes in a user's typing patterns while maintaining the same hardened password across multiple logins, for use in file encryption or other applications requiring a long-term secret key. Using empirical data and a prototype implementation of our scheme, we give evidence that our approach is viable in practice, in terms of ease of use, improved security, and performance.

Original languageEnglish
Pages73-82
Number of pages10
DOIs
StatePublished - 1999
EventProceedings of the 1999 6th ACM Conference on Computer and Communications Security (ACM CCS) - Singapore, Singapore
Duration: 2 Nov 19994 Nov 1999

Conference

ConferenceProceedings of the 1999 6th ACM Conference on Computer and Communications Security (ACM CCS)
CitySingapore, Singapore
Period2/11/994/11/99

Fingerprint

Dive into the research topics of 'Password hardening based on keystroke dynamics'. Together they form a unique fingerprint.

Cite this