Browse by author
Lookup NU author(s): Dr Jeff Yan
There are many things that are ‘well known’ about passwords, such as that users can’t remember strong passwords and that the passwords they can remember are easy to guess. However, there seems to be a distinct lack of research on the subject that would pass muster by the standards of applied psychology. Here we report a controlled trial in which, of four sample groups of about 100 first-year students, three were recruited to a formal experiment and of these two were given specific advice about password selection. The incidence of weak passwords was determined by cracking the password file, and the number of password resets was measured from system logs. We observed a number of phenomena which run counter to the established wisdom. For example, passwords based on mnemonic phrases are just as hard to crack as random passwords yet just as easy to remember as naive user selections.
Author(s): Yan J, Blackwell A, Anderson R, Grant A
Publication type: Article
Publication status: Published
Journal: IEEE Security and Privacy
Year: 2004
Volume: 2
Issue: 5
Pages: 25-31
Date deposited: 09/12/2010
ISSN (print): 1540-7993
ISSN (electronic): 1558-4046
Publisher: IEEE Computer Society
URL: http://dx.doi.org/10.1109/MSP.2004.81
DOI: 10.1109/MSP.2004.81
Altmetrics provided by Altmetric