[unisog] Anyone have a citation for an academic research study on whether mandatory password changes increase security?

John Kristoff jtk at depaul.edu
Mon May 7 03:13:40 GMT 2007


On Sat, 5 May 2007 13:31:49 -0400
"H. Morrow Long" <morrow.long at yale.edu> wrote:

> Anyone have a citation for an academic research study on whether  
> mandatory password expiration and changes increase security?

Try this, as I recall it at least raises that meme and if not in the
academic sense of revealing any real or perceived benefit, they do
offer at least arguments in favor or against it:

  Password Memorability and Security: Empirical Results
  IEEE Security and Privacy  Volume 2 ,  Issue 5  (September 2004)  Pages: 25 - 31    Year of Publication: 2004  ISSN:1540-7993 

John


More information about the unisog mailing list