Password authentication is one of the simplest and the
most convenient authentication mechanisms to deal with
secret data over insecure networks. It is more frequently
required in areas such as computer networks,
wireless networks, remote login systems, operation systems,
and database management systems. In this paper,
we shall present the result of our survey through all currently
available password-authentication-related schemes
and get them classified in terms of several crucial criteria.
To be critical, most of the existing schemes are vulnerable
to various attacks and fail to serve all the purposes an
ideal password authentication scheme should. In order to
see how different password authentication schemes compare
in different situations, we define all possible attacks
and goals that an ideal password authentication scheme
should withstand and achieve. We should hope that the
attacks and goals we offer here can also help future researchers
develop better schemes.
