@misc{rfc9588, series = {Request for Comments}, number = 9588, howpublished = {RFC 9588}, publisher = {RFC Editor}, doi = {10.17487/RFC9588}, url = {https://www.rfc-editor.org/info/rfc9588}, author = {Nathaniel McCallum and Simo Sorce and Robbie Harwood and Greg Hudson}, title = {{Kerberos Simple Password-Authenticated Key Exchange (SPAKE) Pre-authentication}}, pagetotal = 33, year = 2024, month = aug, abstract = {This document defines a new pre-authentication mechanism for the Kerberos protocol. The mechanism uses a password-authenticated key exchange (PAKE) to prevent brute-force password attacks, and it may incorporate a second factor.}, }