Effectiveness of image-based mnemonic techniques for enhancing the memorability and security of user-generated passwords

Nelson, Deborah; Vu, Kim‐Phuong L.

doi:10.1016/j.chb.2010.01.007

Cited by 37 publications

(29 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another consequence of accessing a myriad of applications and systems is the use of the same password for multiple accounts [59]. Reusing credentials in multiple accounts can lead to "a domino effect" [58]. If the password for one account is exposed, then the security of all the other accounts is threatened.…”

Section: Password Securitymentioning

confidence: 99%

“…As a result of this non-recommended practice, passwords are vulnerable to guessing or brute force cracking. Various memory features can be used to address the memorability of secure passwords [58]: episodic memory, the self-reference effect, the generation effect, chunking, depth of processing, superiority of pictures over words, and mnemonic strategies. Another consequence of accessing a myriad of applications and systems is the use of the same password for multiple accounts [59].…”

Section: Password Securitymentioning

confidence: 99%

See 1 more Smart Citation

Analysis of health professional security behaviors in a real clinical setting: An empirical study

Fernández-Alemán

Sánchez-Henarejos

Toval

et al. 2015

International Journal of Medical Informatics

View full text Add to dashboard Cite

Section: Password Securitymentioning

confidence: 99%

Section: Password Securitymentioning

confidence: 99%

Analysis of health professional security behaviors in a real clinical setting: An empirical study

Fernández-Alemán

Sánchez-Henarejos

Toval

et al. 2015

International Journal of Medical Informatics

View full text Add to dashboard Cite

“…Nicholson, Briggs, & Coventry, 2012) and here we propose using a picture to link the processes of password creation and recall for a specific account. Previous work has shown that pictorial cues have the potential to influence better password creation (Nelson & Vu, 2010) and that images can be linked with text for long-term memorability in an authentication context (Renaud & Just, 2010) when used under the right circumstances.…”

Section: Binding Passwords To Accountsmentioning

confidence: 99%

Simple Nudges for Better Password Creation

Nicholson

Vlachokyriakos

Coventry

et al. 2018

Electronic Workshops in Computing

View full text Add to dashboard Cite

Recent security breaches have highlighted the consequences of reusing passwords across online accounts. Recent guidance on password policies by the UK government recommend an emphasis on password length over an extended character set for generating secure but memorable passwords without cognitive overload. This paper explores the role of three nudges in creating website-specific passwords: financial incentive (present vs absent), length instruction (long password vs no instruction) and stimulus (picture present vs not present). Mechanical Turk workers were asked to create a password in one of these conditions and the resulting passwords were evaluated based on character length, resistance to automated guessing attacks, and time taken to create the password. We found that users created longer passwords when asked to do so or when given a financial incentive and these longer passwords were harder to guess than passwords created with no instruction. Using a picture nudge to support password creation did not lead to passwords that were either longer or more resistant to attacks but did lead to account-specific passwords.

show abstract

“…This might be achieved by training users and raising their awareness about the risks associated with the use of weak passwords, as well as recommending good practices, such as specific mnemonic techniques [19]. Prior research [34], demonstrated that passwords generated by means of a mnemonic technique, as the first letters of a song verse (e.g., for the verse “Welcome to the Hotel California!”, create password “W2tHCa!”), can be as memorable as simple words and as secure as random strings (see also [35]). Also, if it is the number of passwords owned by the users the main source of difficulties in passwords use, it seems that the only reasonable solution is to have a number of passwords that normal adults can handle, which is a maximum of four to five passwords [15].…”

Section: Discussionmentioning

confidence: 99%

Passwords Usage and Human Memory Limitations: A Survey across Age and Educational Background

et al. 2012

View full text Add to dashboard Cite

The present article reports a survey conducted to identify the practices on passwords usage, focusing particularly on memory limitations and the use of passwords across individuals with different age and education backgrounds. A total of 263 participants were interviewed, with ages ranging from 18 to 93 years, and education level ranging from grade school to graduate degree. Contrary to our expectations, effects of cognitive decline due to aging were not observed on memory performance for passwords. The results suggested instead, that the number of password uses was the most influential factor on memory performance. That is, as the number of circumstances in which individuals utilized passwords increased, the incidence of forgotten and mixed-up passwords also increased. The theoretical significance of these findings and their implications for good practices on password usage are discussed.

show abstract

Effectiveness of image-based mnemonic techniques for enhancing the memorability and security of user-generated passwords

Cited by 37 publications

References 27 publications

Analysis of health professional security behaviors in a real clinical setting: An empirical study

Analysis of health professional security behaviors in a real clinical setting: An empirical study

Simple Nudges for Better Password Creation

Passwords Usage and Human Memory Limitations: A Survey across Age and Educational Background

Contact Info

Product

Resources

About