>>
>> This, and things like
>>
>>
>> @inproceedings{BonneauSchechter2014:USENIX,
>> Address = {San Diego, CA},
>> Author = {Bonneau, Joseph and Schechter, Stuart},
>> Booktitle = {23rd USENIX Security Symposium (USENIX Security 14)},
>> Month = Aug,
>> Pages = {607--623},
>> Publisher = {USENIX Association},
>> Title = {Towards Reliable Storage of 56-bit Secrets in Human Memory},
>> Year = {2014}}
>>
>> https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/bonneau
>>
>> <https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/bonneau>
>>
>> are great. But the problem is that there is so far no testing (or reason to
>> believe) that people will be able to do that for dozens of independent
>> passwords. So those training schemes are good for something like a Master
>> Password for some password management system, but they are not useful for
>> the scores of passwords that people need to use.
>
There is an in depth reply to the rest stuck in the moderation queue for being
too long but now that I watched this I will respond. Very cool. Interesting
research.
I also thought this was great:
https://telepathwords.research.microsoft.com
<https://telepathwords.research.microsoft.com/>
The funny thing is, it doesn’t seem to like hashes very much. If really thought
hard about how to “beat the system” I was able to get to perhaps character 20
or something before I got a red X for typing a “u”.
Thanks for this.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography