Encouraging users to improve password security and memorability

@article{Yildirim2019EncouragingUT,
  title={Encouraging users to improve password security and memorability},
  author={Merve Yildirim and Ian Mackie},
  journal={International Journal of Information Security},
  year={2019},
  pages={1-19}
}
Security issues in text-based password authentication are rarely caused by technical issues, but rather by the limitations of human memory, and human perceptions together with their consequential responses. This study introduces a new user-friendly guideline approach to password creation, including persuasive messages that motivate and influence users to select more secure and memorable text passwords without overburdening their memory. From a broad understanding of human factors-caused… Expand
Enhanced Evaluation Model of Security Strength for Passwords Using Integrated Korean and English Password Dictionaries
  • Ki Hyeon Hong, Un-Gu Kang, Byung Mun Lee
  • Computer Science
  • Secur. Commun. Networks
  • 2021
TLDR
A non-English, Korean language-based password dictionary is composed and a password security evaluation model based on this for Korean users is proposed and shown to be superior to the existing model. Expand
An Experimental Study to Understand How Users Choose Password
TLDR
The study’s results confirm that the importance of a website affects users’ behaviors and passwords. Expand
Passphrase and keystroke dynamics authentication: Usable security
TLDR
If all the model components are considered, the proposed two-tier user authentication solution has the potential to improve security and usability in the user authentication process. Expand
Authenticating Passwords by Typing Pattern Biometrics
TLDR
Results obtained indicated that typing patterns are distinct even on simple guessable passwords and that typing pattern biometrics strengthens the authentication process. Expand
Password policy characteristics and keystroke biometric authentication
TLDR
Substutions of uppercase, numeric, special characters, and their combination on passwords derived from English words are considered, which suggests that phrases containing fewer characters have greater accuracy, except for those with special character substitutions. Expand
Knowledge based Authentication Techniques and Challenges
TLDR
A comparative analysis of KBA’s techniques based on trade-off criteria to support making of decision can support organizations in the recommendations process of a suitable KBA technique for organizations. Expand
An Exploration of Hot-Spots in Locimetric Passwords
TLDR
This paper confirms the presence of hot-spots in high-resolution images, thus influencing the locimetric authentication scheme's effectiveness, and finds that neither user characteristics (such as age, gender, and income) nor password length radically influence their extent. Expand
Cognitive Variability Factors and Passphrase Selection
TLDR
This study spotlights individualistic behavioral assimilation of passphrase styles for design insight and recall abilities andidated locus of control personality and memory associative instruments demonstrated the internal and external personality types and cognitive response types that contribute to the systematic quest toward a more memorable passphrase scheme. Expand
A Systematic Literature Review of the Types of Authentication Safety Practices among Internet Users
The authentication system is one of the most important methods for maintaining information security in smart devices. There are many authentication methods, such as password authentication, biometricExpand
Analysis of user Awareness for Saudi State Mobile Applications
314 Published By: Blue Eyes Intelligence Engineering and Sciences Publication Retrieval Number: 100.1/ijrte.D4996119420 DOI:10.35940/ijrte.D4996.119420 Abstract: In this article, we analyze theExpand
...
1
2
...

References

SHOWING 1-10 OF 86 REFERENCES
Improving password security and memorability to protect personal and organizational information
TLDR
Imposing password restrictions alone did not necessarily lead to more secure passwords, however, the use of a technique for which the first letter of each word of a sentence was used coupled with a requirement to insert a special character and digit yielded more secure password that were more memorable. Expand
Have the cake and eat it too - infusing usability into text-password based authentication systems
TLDR
This work proposes, develops and evaluates a system that automatically generates memorable mnemonics for a given password based on a text-corpus, and initial experimental results suggest that automatic mnemonic generation is a promising technique for making text-password systems more usable. Expand
The usability of passphrases for authentication: An empirical field study
TLDR
Results indicate that passphrase users experienced a rate of unsuccessful logins due to memory recall failure similar to that of users of self-generated simple passwords and stringent passwords, however, passphrase Users had more failed login attempts due to typographical errors than did users of either simple or highly secure passwords. Expand
Multiple password interference in text passwords and click-based graphical passwords
TLDR
In this study, click-based graphical passwords were significantly less susceptible to multiple password interference in the short-term, while having comparable usability to text passwords in most other respects. Expand
Password advice shouldn't be boring: Visualizing password guessing attacks
TLDR
It is proposed that users would be empowered to make better password choices if they understood how password guessing attacks work through visual communication, and created three infographic posters and an online educational comic to help users to learn about the threats. Expand
Password Creation in the Presence of Blacklists
TLDR
It is found that participants who reused even a modified version of a blacklisted attempt during the password creation task ultimately created significantly weaker passwords than those who did not attempt to use aBlacklisted password, but results indicate that text feedback provided by a password meter mitigated this effect. Expand
"I Added '!' at the End to Make It Secure": Observing Password Creation in the Lab
TLDR
To understand the genesis of common password patterns and uncover average users' misconceptions about password strength, a qualitative interview study is conducted that identifies aspects of password creation ripe for improved guidance or automated intervention. Expand
How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation
TLDR
It was found that meters with a variety of visual appearances led users to create longer passwords, however, significant increases in resistance to a password-cracking algorithm were only achieved using meters that scored passwords stringently. Expand
Password Composition Policy: Does Enforcement Lead to Better Password Choices?
The primary function of access controls is to restrict the use of information systems and other computer resources to authorised users only. Although more secure alternatives exist, password-basedExpand
Of passwords and people: measuring the effect of password-composition policies
TLDR
A large-scale study investigates password strength, user behavior, and user sentiment across four password-composition policies, and describes the predictability of passwords by calculating their entropy, finding that a number of commonly held beliefs about password composition and strength are inaccurate. Expand
...
1
2
3
4
5
...