Text passwords are the primary authentication method used for most online services. Many online users select weak passwords. Regrettably, most proposed methods of strengthening passwords compromise memorability. This paper explores a lightweight password creation mechanism's effect on password memorability. Our system employs Persuasive Technology to assist users in creating stronger passwords. Results show that our improvement scheme affected password memorability only for users who created secure passwords before the system applied its improvement. This result warns researchers to not alienate users who are already security-aware when trying to assist security-unaware users to behave more securely.

, , , , , ,
28th Annual CHI Conference on Human Factors in Computing Systems
School of Computer Science

Forget, A. (Alain), & Biddle, R. (2008). Memorability of persuasive passwords. Presented at the 28th Annual CHI Conference on Human Factors in Computing Systems. doi:10.1145/1358628.1358926