Abstract
User-chosen passwords reflecting common strategies and patterns ease memorisation but offer uncertain and often weak security, while system-assigned passwords provide higher security guarantee but suffer from poor memorability. We thus examine the technique to enhance password memorability that incorporates a scientific understanding of long-term memory. In particular, we examine the efficacy of providing users with verbal cues—real-life facts corresponding to system-assigned keywords. We also explore the usability gain of including images related to the keywords along with verbal cues. In our multi-session lab study with 52 participants, textual recognition-based scheme offering verbal cues had a significantly higher login success rate (94.23%) compared to the control condition, i.e. textual recognition without verbal cues (61.54%). When users were provided with verbal cues, adding images contributed to faster recognition of the assigned keywords, and thus had an overall improvement in usability. So, we conducted a field study with 54 participants to further examine the usability of graphical recognition-based scheme offering verbal cues, which showed an average login success rate of 98% in a real-life setting and an overall improvement in login performance with more login sessions. These findings show a promising research direction to gain high memorability for system-assigned passwords.
Original language | English (US) |
---|---|
Pages (from-to) | 1115-1131 |
Number of pages | 17 |
Journal | Behaviour and Information Technology |
Volume | 41 |
Issue number | 5 |
DOIs | |
State | Published - 2022 |
Keywords
- Usable security
- field study
- lab study
- memorability
- system-assigned password
ASJC Scopus subject areas
- Developmental and Educational Psychology
- Arts and Humanities (miscellaneous)
- General Social Sciences
- Human-Computer Interaction