Improving Password Memorability and Strength Using Mangling rules

Authors

  • Sanam Ghorbani Lyastani
  • Yasemin Acar
  • Sascha Fahl
Abstract

UPDATED—June 8, 2016. Recently, to support users in choosing more secure passwords, websites are providing password strength meters and/or require user passwords to conform to a composition policy. However, there are inconsistent strength outcomes for the same password in different password meters that may confuse users in creating a stronger password. Also, policies may miss their goal, since users create predictable ("weak") passwords under those policies. To help users to create complex passwords, we are proposing a password generator mechanism that is based on mangling rules. The goal of using the mangling rules is to increase the security of the proposed passwords without sacrificing the memorability. We are planning an online user study on Amazon MTurk to evaluate memorability and users’ preferences of our approach.

Similar resources

Improving multiple-password recall: an empirical study

Received: 8 April 2008 Revised: 18 August 2008 2nd Revision: 31 January 2009 Accepted: 23 February 2009 Abstract As one of the most common authentication methods, passwords help secure information by granting access only to authorized parties. To be effective, passwords should be strong, secret, and memorable. While password strength can be enforced by automated information technology policies,...

Memorability of Persuasive Passwords

Text passwords are the primary authentication method used for most online services. Many online users select weak passwords. Regrettably, most proposed methods of strengthening passwords compromise memorability. This paper explores a lightweight password creation mechanism’s effect on password memorability. Our system employs Persuasive Technology to assist users in creating stronger passwords....

On the Deployment of Password Hints Using Pre-Attentive Visual Priming for One-Time Passwords

Password based security is still the most prevalent form of controlling access to trusted resources accessed through computers. There are several difficulties associated with password based systems, the predominant one being password memorability. The average person has approximately 15 passwords to maintain, which engenders a significant cognitive burden if passwords are selected and utilised ...

Enhanced User Graphical Password Authentication with an Usability and Memorability

Authentication is the process to provide guaranteed information security and the graphical password authentication method is a convenient and easy process to provide authentication. The major problem of user registration, mostly text base password, is well known. If the login user be inclined to select a simple password which is frequently in his mind it becomes straightforward for attackers to...

Pin Selection Policies: Are They Really Effective?

Users have conflicting sets of requirements when it comes to choosing Personal Identification Numbers (PINs) for mobile phones or other systems that use PINs for authentication: the conflict lies between the ‘easy to remember’ usability requirement and the ‘hard to guess’ security requirement. Users often ignore the security requirement and choose PINs that are easy to remember and reuse, makin...

Publication date: 2016