Corpus ID: 8236278

How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation

@inproceedings{Ur2012HowDY,
  title={How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation},
  author={B. Ur and P. Kelley and Saranga Komanduri and J. Lee and Michael Maass and Michelle L. Mazurek and Timothy Passaro and R. Shay and Timothy Vidas and L. Bauer and N. Christin and L. Cranor},
  booktitle={USENIX Security Symposium},
  year={2012}
}
  • B. Ur, P. Kelley, +9 authors L. Cranor
  • Published in USENIX Security Symposium 2012
  • Computer Science
    • To help users create stronger text-based passwords, many web sites have deployed password meters that provide visual feedback on password strength. Although these meters are in wide use, their effects on the security and usability of passwords have not been well studied. We present a 2,931-subject study of password creation in the presence of 14 password meters. We found that meters with a variety of visual appearances led users to create longer passwords. However, significant increases in… CONTINUE READING
    View Paper
    andrew.cmu.edu
    270 Citations
    Highly Influential Citations
    21
    Background Citations
    158
    Methods Citations
    48
    Results Citations
    4

    Supplemental Video

    30:36
    Video
    How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation
    SecurityTubeCons
    25 August 2012
    Explore Further
    Discover more papers related to the topics discussed in this paper

    Figures, Tables, and Topics from this paper

    Figures and Tables

    Explore Further: Topics Discussed in This Paper

    270 Citations
    Citation Type

    Citation Type

    Does my password go up to eleven?: the impact of password meters on password selection
    • 187
    • PDF
    Designing Better Password Strength Meters by Incorporating Contextual Information
    • 1
    Using Context-Based Password Strength Meter to Nudge Users' Password Generating Behavior: A Randomized Experiment
    • 10
    • PDF
    Designing Password Policies for Strength and Usability
    • 77
    • PDF
    Enhancing Operational Security by Redesigning Password Strength Meters: Evidence from Randomized Experiments
    • 1
    A Large-Scale Evaluation of High-Impact Password Strength Meters
    • 72
    • PDF
    Password Meters and Generators on the Web: From Large-Scale Empirical Study to Getting It Right
    • 15
    • Highly Influenced
    • PDF
    A A Large-Scale Evaluation of High-Impact Password Strength
    • PDF
    From Very Weak to Very Strong: Analyzing Password-Strength Meters
    • 137
    • PDF
    The Impact of Contextual Information on Users' Password Generating Behavior: A Randomized Experiment

    References

    SHOWING 1-10 OF 47 REFERENCES
    Improving text passwords through persuasion
    • 174
    • PDF
    Of passwords and people: measuring the effect of password-composition policies
    • 347
    • PDF
    Encountering stronger password requirements: user attitudes and behaviors
    • 312
    • PDF
    Improving computer security for authentication of users: Influence of proactive password restrictions
    • 104
    • PDF
    Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms
    • 376
    • PDF
    Improving password security and memorability to protect personal and organizational information
    • 192
    The true cost of unusable password policies: password use in the wild
    • 346
    • PDF
    Password Strength: An Empirical Analysis
    • 236
    • PDF
    Testing metrics for password creation policies by attacking large sets of revealed passwords
    • 370
    • Highly Influential
    • PDF
    A large-scale study of web password habits
    • 1,027
    • PDF