Remembering Multiple Passwords by Way of Minimal-Feedback Hints: Replication and Further Analysis

Morten Hertzum

    Publikation: Bidrag til bog/antologi/rapportKonferencebidrag i proceedingsForskning

    Abstract

    Passwords are a prominent mechanism for user authentication but entail a conflict between ease of use and security in that passwords must be both easy to remember for the password holder and difficult to guess for everybody else. To support users in remembering their passwords minimal-feedback hints for remote authentication (MiFA) provide users with a couple of the password characters when users are prompted for their password. In this study MiFA hints, originally devised by Lu and Twidale (2003), were evaluated by having 14 participants create five passwords each and prompting them for these passwords after one week and after four weeks. With the aid of MiFA hints participants remembered significantly more passwords and were significantly more confident in the correctness of their memory of their passwords than without hints. However, many of the passwords created by the participants were weak, for example a word followed by one or more digits, and vulnerable to dictionary attacks.
    OriginalsprogEngelsk
    TitelProceedings of the Fourth Dansih Human-Computer Interaction Research Symposium
    RedaktørerJesper Kjeldskov, Mikael B. Skov, Jan Stage
    ForlagAalborg Universitet
    Publikationsdato2004
    Sider21-24
    StatusUdgivet - 2004
    BegivenhedDanish Human-Computer Interaction Research Symposium - Aalborg, Danmark
    Varighed: 6 nov. 2004 → …
    Konferencens nummer: 4

    Konference

    KonferenceDanish Human-Computer Interaction Research Symposium
    Nummer4
    LandDanmark
    ByAalborg
    Periode06/11/2004 → …

    Bibliografisk note

    Serie titel: HCI Lab Technical Report
    Serie nummer: 2004/1

    Citer dette

    Hertzum, M. (2004). Remembering Multiple Passwords by Way of Minimal-Feedback Hints: Replication and Further Analysis. I J. Kjeldskov, M. B. Skov, & J. Stage (red.), Proceedings of the Fourth Dansih Human-Computer Interaction Research Symposium (s. 21-24). Aalborg Universitet.