Two comp-sci boffins have proposed that websites cooperate to block password re-use, even though they predict the idea will generate "contempt” among many end users, .
Their expectation is founded on experience: Troy Hunt's HaveIBeenPwned is useful because so many people reuse passwords, and it currently claims to record more than five billion breached accounts.
As the University of Carolina's Ke Coby Wang and Michael Ritter write in this paper at arXiv, password re-use doesn't just expose users: “preventing, detecting, and cleaning up compromised accounts and the value thus stolen is a significant cost for service providers as well”.
While single sign-on schemes like OAuth are moderately popular among users, the paper points out two issues holding them back.
Time to ditch the Facebook login: If customers' data should be protected, why hand it over to Zuckerberg?READ MORE
First, if a user's OAuth credentials are compromised (and they don't run extra protections such as two-factor authentication), the attacker has access to all of the associated accounts.
Second, the paper says, “the identity provider in these schemes typically learns the relying parties visited by the user” – something recent privacy scandals cast in a poor light.
Even if users are hostile to being asked to live by the “one password per site” rule, the pair believe it's worth braving user hostility to stop them re-using passwords. The question is: how?
At the outline level it's easy: a server where the user is registering a new account – the requester – asks other sites (responders) whether that individual has used the same password with them.
However, they write, that has to be done in a way that protects those passwords (the sites can only say “yes” or “no”, without handing around a password); the sites also have to identify the right user; and the scheme would have to avoid imposing excessive overheads on authentication servers.
Since any kind of Internet-transported directory lookup demands the directory be protected, the Wang/Ritter protocol proposes homomorphic encryption (a scheme called ElGamal), meaning lookups can query the database without decrypting it to get their “hit/miss” decision.
Wang and Ritter believe if a scheme like theirs were adopted by even a relatively small subset of major Websites (say, YouTube, Facebook, WhatsApp, Gmail, Instagram, Tumblr, iCloud), users would end up with more passwords than they could recall – and that would achieve the most important aim of the proposal, which is to force punters to use password managers that get in their faces and firmly insist on complex and fresh passwords for every online service. ®