Passwords Evolved: Authentication Guidance for the Modern Era
▻http://feedproxy.google.com/~r/TroyHunt/~3/O-sTZ5KA_wg
Sponsored by: Build your own mock malware and test your stack. Stackhackr will tell you if your company is vulnerable. Built by Barkly.In the beginning, things were simple: you had two strings (a username and a password) and if someone knew both of them, they could log in. Easy.
But the ecosystem in which they were used was simple too, for example in MIT’s Time-Sharing Computer, considered to be the first computer system to use passwords:
We’re talking back in the 60’s here so a fair bit has happened since then. Up until the last couple of decades, we had a small number of accounts and very limited connectivity which made for a pretty simple threat landscape. Your “adversaries” were those in the immediate vicinity, that is people who could gain direct physical access to the system. (...)