The best way to protect passwords may be creating fake ones

Password managers are a great way to supply random, unique passwords to a high number of websites. But most still have an Achilles’ heel: Usually, a single master password unlocks the entire vault.

But a group of researchers has developed a type of password manager that creates decoy password vaults if a wrong master password is supplied.

A paper on the experimental software, called NoCrack, will be presented on May 19 at the IEEE Symposium on Security and Privacy in San Jose, California.

NoCrack is intended to make it much more time-consuming and difficult for attackers to figure out if they’ve hit pay dirt.

To read this article in full or to leave a comment, please click here