Text passwords are the primary authentication method used for most online services. Many online users select weak passwords. Regrettably, most proposed methods of strengthening passwords compromise memorability. This paper explores a lightweight password creation mechanism's effect on password memorability. Our system employs Persuasive Technology to assist users in creating stronger passwords. Results show that our improvement scheme affected password memorability only for users who created secure passwords before the system applied its improvement. This result warns researchers to not alienate users who are already security-aware when trying to assist security-unaware users to behave more securely.

Additional Metadata
Keywords Authentication, Chunking, Computer security, Memory, Passwords, Persuasive technology, Usable security
Persistent URL dx.doi.org/10.1145/1358628.1358926
Conference 28th Annual CHI Conference on Human Factors in Computing Systems
Citation
Forget, A. (Alain), & Biddle, R. (2008). Memorability of persuasive passwords. Presented at the 28th Annual CHI Conference on Human Factors in Computing Systems. doi:10.1145/1358628.1358926