The idea of using passphrases for storing stronger secrets has been around since at least 1982, yet little work has been done to improve the usability of this method. Diceware, the de facto method and passphrase wordlist, contains wonderfully easy to remember words such as “aeneid”, “zh”, and “$$” (Let’s not get started on “h”, “hh”, “hhh” and “hhhh”). Moreover, extended language support for Diceware is often based on translations of the original wordlist, which contains numerous Americanisms such as “howdy”, “hubbub”, and “Boise”.
In this talk, Peerio CTO Florencia Herra-Vega and Project Manager Skylar Nagao discuss the problems facing passphrases in the present, and propose alternative approaches to passphrase wordlist generation.
This article was written by Jeff Edwards on September 23, 2016
Jeff Edwards
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
- 17 Cybersecurity Podcasts You Should Listen to in 2020 - January 3, 2019
- What’s Changed: Gartner 2017 Magic Quadrant for Identity Governance and Administration (IGA) - January 28, 2018
- Crossmatch Integrates Keyboard Capture to Identity Management Software - November 27, 2017