ABSTRACT

Beyond Passwords: Usage and Policy Transformation   [open pdf - 944KB]

"The purpose of this research is to determine whether the transition to a two-factor authentication system is more secure than a system that relied only on what users "know" for authentication. While we found that factors that made passwords inherently vulnerable did not transfer to the PIN portion of a two-factor authentication system, we did find significant problems relating to usability, worker productivity, and the loss and theft of smart cards. The new authentication method has disrupted our ability to stay connected to ongoing mission issues, forced some installations to cut off remote access for their users and in one instance, caused a reserve unit to regress 10 years in their notification and recall procedures. The best-case scenario for lost productivity due to users leaving their CAC at work, in their computer, is costing 261 work years per year with an estimated cost of 10.4 million payroll dollars. Finally, the new authentication method is causing an increase in the loss or theft of CACs, our primary security mechanism for accessing DoD installations, at a rate of 28,222 a year. A single tool, such as the CAC, for all systems and services, carries much power, are we prepared for the responsibility?"

Author:
Publisher:
Date:
2007-03
Copyright:
Public Domain
Retrieved From:
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations