Remembering Your Secret Passwords: Difficult To Be Guessed by Intruders As Well as 'Authorized Users'?
Abstract
The present article reports a survey conducted to identify password usage practices, focusing particularly on memory limitations and the use of passwords across individuals of different ages and educational backgrounds. A total of 263 participants were interviewed, with ages ranging from 18 to 93 years, and education level ranging from grade school to graduate degree. Contrary to our expectations, effects of cognitive decline due to aging were not observed on memory performance for passwords. The results suggested instead that the number of password uses was the most influential factor on memory performance. That is, as the number of circumstances in which individuals utilized passwords increased, the incidence of forgotten and mixed-up passwords also increased. The theoretical significance of these findings and their implications for good practices on password usage are discussed.
"Pickering's Harem," so-called, [see below] for the group of women computers at the Harvard College Observatory, who worked for the astronomer Edward Charles Pickering. The group included Harvard computer and astronomer Henrietta Swan Leavitt (1868–1921), Annie Jump Cannon (1863–1941), Williamina Fleming (1857–1911), and Antonia Maury (1866–1952). Photograph courtesy of the Grasslands Observatory, circa 1900–1910
Introduction
Before checking the balance in a bank account or sending an email to a friend, people are almost always required to enter a “secret” password to obtain access to these systems. These ubiquitous password requirements of computer-based systems are meant to prevent unauthorized access to personal and often sensitive information. To be effective in this goal, however, the required passwords should be significantly difficult for potential intruders to guess. As a consequence, secure passwords are typically composed of uppercase and lowercase letters combined with numbers and special characters, and are at least six characters long. The intricate characteristics of secure passwords, however, pose an unfortunate problem for password users. That is, whereas such passwords are difficult for intruders to guess, they are in general considerably difficult for authorized users to remember.
As extensively shown by prior human memory research, people tend to exhibit better memory performance for the gist meaning of a past event than for its details. Although secure passwords can be related to meaningful information (e.g., the name of a family member), retrieval of their meaning content is usually not a sufficient condition to access secured information because passwords must be entered verbatim, which requires knowledge about their source (the system in which one should use a particular password) and structure (the precise organization of letters, numbers, and symbols that composes a password). Therefore, recommendations for creating secure passwords end up requiring users to retrieve memories for detailed (verbatim) information, which, in turn, fade quickly with the passage of time and are very susceptible to interference.
Prior research has shown that to circumvent the difficulty in learning and remembering secure passwords, people adopt several inappropriate practices for generating and storing their personal passwords. These practices include choosing passwords of personal significance, passwords short in length, excessively simple passwords, reusing passwords, and writing down passwords. In a study in which 860 password users at the American Department of Defense were surveyed, it was found that long passwords are not necessarily harder to recall than short ones, but passwords composed of various kinds of characters are in fact more difficult to remember and more likely to be written down than passwords composed of only one kind of character. In some cases, inappropriate password usage habits persist even after users are lectured about computer and information security issues.
Photograph from Wikimedia Commons