Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Democracy would be dead where the password is killed
Some security people are advocating that the password should be kille...
Mix up “Unique” with “Secret” and
we would confuse “Identification” with “Authentication”
Biometrics follows “unique” feat...
Truth does not matter in infosec?
Tech media seem busy arguing which biometrics is better than the others.
But it is all n...
You’ve finished this document.
Download and read it offline.
Upcoming SlideShare
AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital Transformation Dinis Guarda
Next
Upcoming SlideShare
AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital Transformation Dinis Guarda
Next
Download to read offline and view in fullscreen.

Share

Democracy would be dead where the password is killed

Download to read offline

Democracy must require the individuals to have the rights not to get their identity authenticated without their knowingly confirming it. This volitional process can be achieved only with "volitional" identity authentication made possible by "memorized secrets", say, passwords and expanded passwords.

<reference>

Slide: Password Fatigue and Expanded Password System
http://www.slideshare.net/HitoshiKokumai/password-fatigue-and-expanded-password-system

Article (7-page): Intuitive Password – passwords succeeding passwords
https://www.slideshare.net/HitoshiKokumai/intuitive-passwords-passwords-succeeding-passwords

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Democracy would be dead where the password is killed

  1. 1. Democracy would be dead where the password is killed Some security people are advocating that the password should be killed dead. I wonder if they are aware of what they mean by what they say. A society where login without users’ volition is allowed would be the society where democracy is dead. It’s a tyrant’s utopia. We know that biometrics, which relies on a fallback password, can by no means be an alternative to the password, that the password is an indispensable factor for multi-factor schemes and that the security of password managers and single-sign-on schemes needs to hinge on the reliability of the password. The password (memorized secret) is absolutely necessary. Don’t let it be killed. Don’t accept any form of passwordless login. < Related Articles > P2 Mix up “Unique” with “Secret” and we would confuse “Identification” with “Authentication” P3 Truth does not matter in infosec? <Reference> Slide: Password Fatigue and Expanded Password System http://www.slideshare.net/HitoshiKokumai/password-fatigue-and-expanded-password-s ystem Article (7-page): Intuitive Password – passwords succeeding passwords https://www.slideshare.net/HitoshiKokumai/intuitive-passwords-passwords-succeeding- passwords
  2. 2. Mix up “Unique” with “Secret” and we would confuse “Identification” with “Authentication” Biometrics follows “unique” features of individuals’ bodies and behaviors. It means that it could be well used when deployed for identification of individuals who may be conscious or unconscious, alive or dead. Due respect could be paid to biometrics in this sphere. Being “unique” is different from being “secret”, however. It would be a misuse of biometrics if deployed for security of the identity authentication of individuals. Confusing “Identification” with “Authentication”, we would be building a sandcastle in which people are trapped in a nefarious false sense of security. However gigantic and grandiose it may look, the sandcastle could melt away altogether when we have a heavy storm. And, the storm will come. The question is not “if”, but just “how soon”. < Related Articles > P2 Truth does not matter in infosec? P3 Democracy would be dead where the password is killed < Videos > Turn off biometrics where security matters (30 seconds) https://youtu.be/7UAgtPtmUbk Biometrics in Cyber Space - "below-one" factor authentication https://youtu.be/wuhB5vxKYlg Six Reasons to Believe Biometrics Don't Ruin Cyber Security https://youtu.be/lODTiO2k8ws Password-free Life - Utopia or Dystopia? (30 seconds) https://youtu.be/UJDBZpX1a0U Password Predicament and Expanded Password System https://youtu.be/-KEE2VdDnY0
  3. 3. Truth does not matter in infosec? Tech media seem busy arguing which biometrics is better than the others. But it is all nonsense from security’s point of view. Instead we should ask why security-lowering measures have been touted as security-enhancing solutions. Because of its inherent characteristics, biometrics depends on a fallback means in case of false rejection. In physical security, it could be handled by personnel in charge other than the user. In cybersecurity, however, it needs to be handled by the user themselves, in most cases by way of a password that the user themselves needs to feed. So long as the biometrics is backed up by a fallback password, irrespective of which are more accurate than the others, its security is lower than that of a password-only authentication as illustrated in this video. https://youtu.be/wuhB5vxKYlg Then, we have to wonder why and how the biometrics has been touted as a security-enhancing tool for so long, with so many security professionals being silent about the fact. There could be various explanations – from agnotology, neuroscience, psychology, sociology, behavioral economics and so on. This phenomenon will perhaps be found to have provided an excitingly rich material for a number of scientists and researchers in those fields. Summary of the video > >

Democracy must require the individuals to have the rights not to get their identity authenticated without their knowingly confirming it. This volitional process can be achieved only with "volitional" identity authentication made possible by "memorized secrets", say, passwords and expanded passwords. &lt;reference> Slide: Password Fatigue and Expanded Password System http://www.slideshare.net/HitoshiKokumai/password-fatigue-and-expanded-password-system Article (7-page): Intuitive Password – passwords succeeding passwords https://www.slideshare.net/HitoshiKokumai/intuitive-passwords-passwords-succeeding-passwords

Views

Total views

9,079

On Slideshare

0

From embeds

0

Number of embeds

29

Actions

Downloads

3

Shares

0

Comments

0

Likes

0

×