Academic Commons


Unconventional Wisdom

Bellovin, Steven Michael

We are told that passwords are evil. We are told to change our passwords frequently, and never, never to write them down. We are even told that if you work for most U.S. corporations, frequent password changes are required by law. How much of this is true, and how much is simply mythology? Remarkably enough, the conventional wisdom can be wrong on all of these points, even the first.



Also Published In

IEEE Security & Privacy

More About This Work

Academic Units
Computer Science
Published Here
June 29, 2010