Passwords are a prominent mechanism for user authentication but entail a conflict between ease of use and security in that passwords must be both easy to remember for the password holder and difficult to guess for everybody else. To support users in remembering their passwords minimal-feedback hints for remote authentication (MiFA) provide users with a couple of the password characters when users are prompted for their password. In this study MiFA hints, originally devised by Lu and Twidale (2003), were evaluated by having 14 participants create five passwords each and prompting them for these passwords after one week and after four weeks. With the aid of MiFA hints participants remembered significantly more passwords and were significantly more confident in the correctness of their memory of their passwords than without hints. However, many of the passwords created by the participants were weak, for example a word followed by one or more digits, and vulnerable to dictionary attacks.
|Titel||Proceedings of the Fourth Dansih Human-Computer Interaction Research Symposium|
|Redaktører||Jesper Kjeldskov, Mikael B. Skov, Jan Stage|
|Status||Udgivet - 2004|
|Begivenhed||Danish Human-Computer Interaction Research Symposium - Aalborg, Danmark|
Varighed: 6 nov. 2004 → …
Konferencens nummer: 4
|Konference||Danish Human-Computer Interaction Research Symposium|
|Periode||06/11/2004 → …|
Bibliografisk noteSerie titel: HCI Lab Technical Report
Serie nummer: 2004/1
Hertzum, M. (2004). Remembering Multiple Passwords by Way of Minimal-Feedback Hints: Replication and Further Analysis. I J. Kjeldskov, M. B. Skov, & J. Stage (red.), Proceedings of the Fourth Dansih Human-Computer Interaction Research Symposium (s. 21-24). Aalborg Universitet.