Jacobs Technion-Cornell Institute Professor Ari Juels recently spoke to the MIT Technology Review about his research into autocorrect for passwords.
“This is, in our view, a pretty big deal,” says Ari Juels, a professor at the Jacobs Technion-Cornell Institute at Cornell Tech, in New York City. “Websites should be changing their password policies to make users’ lives easier. The security degradation is pretty small.”
On the face of it, letting passwords with typos unlock an account sounds like a bad idea. After all, an attacker trying to guess your password wouldn’t need to get it exactly right. Facebook has been criticized for allowing people to log in even when they get the case of their password’s first character wrong, or accidentally have caps lock on.
Read the full article in the MIT Technology Review.