When the information age was young, authenticating user identity with a high level of confidence was simple - assign the user a password. For the majority of computer system users, this was the only password each had and the password could only be used in one place - at a stationary workstation within the physical confines of his/her place of employment.
Being a credentialed user also had status; the user was now a member of a privileged group. Consequently, user acceptance of the 'given' password, no matter its complexity, was high. These privileged users would devote the necessary time to commit the password to memory.
For system administrators, the combination of memory-intensive passwords, confined user populations, and a computer system that was accessible only through dedicated and observable workstations amounted to user authentication with limited risk of compromise.
Click here to view the whitepaper.
Share