Affiliation:
1. Department of Media and Information, Michigan State University, East Lansing, MI 48824, USA
Abstract
Abstract
Passwords are one of the most common security technologies that people use everyday. Choosing a new password is a security decision that can have important consequences for end users. Passwords can be long and complex, which prioritizes the security-focused aspects of a password. They can also be simple—easy to create, remember, and use—which prioritizes the usability aspects of the password. The tradeoff between password security versus usability represents competing constraints that shape password creation and use. We examined an ecologically valid dataset of 853 passwords entered a total of 2533 times by 134 users into 1010 websites, to test hypotheses about the impact of these constraints. We found evidence that choices about password complexity reflect an emphasis on security needs, but little support for the hypothesis that users take day-to-day ease of use of the password into account when creating it. There was also little evidence that password creation policies drive password choices.
Funder
U.S. National Science Foundation
Publisher
Oxford University Press (OUP)
Subject
Law,Computer Networks and Communications,Political Science and International Relations,Safety, Risk, Reliability and Quality,Social Psychology,Computer Science (miscellaneous)
Reference57 articles.
1. Understanding password choices: how frequently entered passwords are re-used across websites;Wash;Proceedings of the Symposium on Usable Privacy and Security (SOUPS),2016
2. Security when people matter: structuring incentives for user behavior;Wash,2007
3. Passwords and the evolution of imperfect authentication;Bonneau;Commun ACM,2015
Cited by
5 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献