Simple Nudges for Better Password Creation

Nicholson, James, Vlachokyriakos, Vasilis, Coventry, Lynne, Briggs, Pamela and Olivier, Patrick (2018) Simple Nudges for Better Password Creation. In: 2018 British Human Computer Interaction Conference, 2-6 July 2018, Belfast, UK.

[img]
Preview
Text
Cue.BHCI.FINAL.pdf - Accepted Version

Download (565kB) | Preview

Abstract

Recent security breaches have highlighted the consequences of reusing passwords across online accounts. Recent guidance on password policies by the UK government recommend an emphasis on password length over an extended character set for generating secure but memorable passwords without cognitive overload. This paper explores the role of three nudges in creating website-specific passwords: financial incentive (present vs absent), length instruction (long password vs no instruction) and stimulus (picture present vs not present). Mechanical Turk workers were asked to create a password in one of these conditions and the resulting passwords were evaluated based on character length, resistance to automated guessing attacks, and time taken to create the password. We found that users created longer passwords when asked to do so or when given a financial incentive and these longer passwords were harder to guess than passwords created with no instruction. Using a picture nudge to support password creation did not lead to passwords that were either longer or more resistant to attacks but did lead to account-specific passwords.

Item Type: Conference or Workshop Item (Paper)
Subjects: C800 Psychology
G400 Computer Science
Department: Faculties > Health and Life Sciences > Psychology
Related URLs:
Depositing User: James Nicholson
Date Deposited: 09 Jul 2018 13:38
Last Modified: 11 Oct 2019 17:00
URI: http://nrl.northumbria.ac.uk/id/eprint/34527

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics