Remembering Your Secret Passwords: Difficult To Be Guessed by Intruders As Well as 'Authorized Users'?
The present article reports a survey conducted to identify the practices on passwords usage, focusing particularly on memory limitations and the use of passwords across individuals with different age and education backgrounds. A total of 263 participants were interviewed, with ages ranging from 18 to 93 years, and education level ranging from grade school to graduate degree. Contrary to our expectations, effects of cognitive decline due to aging were not observed on memory performance for passwords. The results suggested instead, that the number of password uses was the most influential factor on memory performance. That is, as the number of circumstances in which individuals utilized passwords increased, the incidence of forgotten and mixed-up passwords also increased. The theoretical significance of these findings and their implications for good practices on password usage are discussed.
"Pickering's Harem," so-called, [see below] for the group of women computers at the Harvard College Observatory, who worked for the astronomer Edward Charles Pickering. The group included Harvard computer and astronomer Henrietta Swan Leavitt (1868–1921), Annie Jump Cannon (1863–1941), Williamina Fleming (1857–1911), and Antonia Maury (1866–1952). Photograph courtesy of the Grasslands Observatory, circa 1900–1910
Before checking the balance in a bank account or sending an email to a friend, people are almost always required to enter a “secret” password to obtain access to these systems. These ubiquitous password requirements from computer based systems have the goal of avoiding unauthorized access to personal and often sensitive information. To be effective on this goal, however, the required passwords should be significantly difficult to be guessed by potential intruders. As a consequence, secure passwords are typically composed of uppercase and lowercase letters combined with numbers and special characters, and are at least six characters long. The intricate characteristics of secure passwords, however, posit an unfortunate problem for password users. That is, whereas such passwords are difficult to be guessed by intruders, they are in general considerably difficult to be remembered by authorized users.
As extensively shown by prior human memory research, people tend to exhibit better memory performance for the gist meaning of a past event than for its details . Although secure passwords can be related to meaningful information (e.g., the name of a family member), retrieval of its meaning content is usually not a sufficient condition to access secured information because passwords must be entered verbatim, which requires knowledge about its source (the system in which one should use a particular password) and structure (the precise organization of letters, numbers, and symbols that composes a password). Therefore, recommendations for creating secure passwords end up requiring users to retrieve memories for detailed (verbatim) information, which by their turn, fade quickly with the passage of time and are very susceptible to interference .
Prior research has shown that to circumvent the difficulty in learning and remembering secure passwords, people acquire several inappropriate practices on generating and storing their personal passwords . These practices include choosing passwords of personal significance, passwords short in length, excessively simple passwords, reusing passwords, and writing down passwords. In a study in which 860 password users at the American Department of Defense were surveyed, it was found that long passwords are not necessarily harder to recall than short ones, but passwords composed of various kinds of characters are in fact more difficult to remember and more likely to be written down than passwords composed of only one kind of character. In some cases, inappropriate password usage habits persist even after users are lectured about computer and information security issues.
Photograph from Wikimedia Commons
Pages: 1 · 2
- Promotion of Brain-Training Products Reassures and Entices a Worried Public
- Back to Reunion With Hillary and Madeleine, A Precarious Balancing Act to Be Downsized and Uplifted At the Same Time
- A Flexible Mind?
- Forget About Forgetting: Older Brains Slower Due to Greater Experience, Rather than Cognitive Decline
- A Stanford Study Finds Postmenopausal Estrogen Decline Largely Unrelated to Cognition Changes
- The Empty Frames: Last Seen Exhibit by French artist Sophie Calle at the Gardner Museum
- Elaine Soloway's Caregiving Series: When the Caregiver Needs Care
- Decreasing the Age of the Older Face: Are certain features or color dimensions more important than others for age perception?
- Lifelong Pursuits: Hooked on Bridge
- Never Too Old to Talk Tech: Ah Yes, I Remember It Well
No feedback yet