翻訳と辞書 |
Partial Password : ウィキペディア英語版 | Partial Password
Partial Password is a mode of password authentication. By asking the user to enter only a few specific characters from their password,〔(【引用サイトリンク】accessdate=2011-03-03 )〕 rather than the whole password, partial passwords help to protect the user from password theft. As only part of the password is revealed at once it becomes more difficult to obtain the password using techniques such as keystroke logging or shoulder surfing. There is a paper by David Aspinall and Mike Just 〔(【引用サイトリンク】accessdate=2015-10-14 )〕 that describes Partial Password implementations and attacks in a detailed study. ==Verifying Partial Passwords==
It is good practice to not store passwords in cleartext. Instead when checking a whole password it is common to store the result of passing the password to a cryptographic hash function. As the user doesn't supply the whole password it cannot be verified against a stored digest of the whole password. Some have suggested storing the digest of each combination of letters that could be requested but they note that this results in generating and storing a large amount of digests.〔(【引用サイトリンク】accessdate=2011-03-03 )〕〔(【引用サイトリンク】url=http://www.smartarchitects.co.uk/news/9/15/Partial-Passwords---How.html )〕 A better solution in terms of storage space and security is using a secret sharing scheme.〔〔(Update to Partial Passwords )〕
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Partial Password」の詳細全文を読む
スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|