English

MFDPG: Multi-Factor Authenticated Password Management With Zero Stored Secrets

Cryptography and Security 2023-06-27 v1

Abstract

While password managers are a vital tool for internet security, they can also create a massive central point of failure, as evidenced by several major recent data breaches. For over 20 years, deterministic password generators (DPGs) have been proposed, and largely rejected, as a viable alternative to password management tools. In this paper, we survey 45 existing DPGs to asses the main security, privacy, and usability issues hindering their adoption. We then present a new multi-factor deterministic password generator (MFDPG) design that aims to address these shortcomings. The result not only achieves strong, practical password management with zero credential storage, but also effectively serves as a progressive client-side upgrade of weak password-only websites to strong multi-factor authentication.

Keywords

Cite

@article{arxiv.2306.14746,
  title  = {MFDPG: Multi-Factor Authenticated Password Management With Zero Stored Secrets},
  author = {Vivek Nair and Dawn Song},
  journal= {arXiv preprint arXiv:2306.14746},
  year   = {2023}
}
R2 v1 2026-06-28T11:14:37.798Z