You cannot simply ban password sharing. People will always need to share access to accounts (e.g., billing@company.com or noreply@service.com). The solution is not to stop sharing; it is to stop sharing the password itself.
Passwords remain the dominant authentication method despite known weaknesses. A single leaked password grants full access. The K-shared password paradigm mitigates this by distributing trust: no single share is sufficient to authenticate, and compromise of up to \(K-1\) shares reveals no information about the password.
Abstract:
Traditional password-based authentication suffers from a single point of failure: compromise of the stored password hash or user password leads to complete account takeover. This paper introduces the K-shared password (KSP) scheme, a cryptographic protocol that splits a password into \(N\) shares, requiring at least \(K\) of them (\(K \leq N\)) to reconstruct the original password for authentication. We analyze its security properties, implementation challenges, and potential applications in high-risk environments.
If you absolutely must have a true kshared password (legacy on-premise hardware, for example), set a mandatory rotation policy: every 30 days, the password changes, and only the password manager’s “share” feature distributes the new one.