On improving the memorability of system-assigned recognition-based passwords

Mahdi Nasrullah Al-Ameen, Sonali T. Marne, Kanis Fatema, Matthew Wright, Shannon Scielzo

Research output: Contribution to journalArticlepeer-review

Abstract

User-chosen passwords reflecting common strategies and patterns ease memorisation but offer uncertain and often weak security, while system-assigned passwords provide higher security guarantee but suffer from poor memorability. We thus examine the technique to enhance password memorability that incorporates a scientific understanding of long-term memory. In particular, we examine the efficacy of providing users with verbal cues—real-life facts corresponding to system-assigned keywords. We also explore the usability gain of including images related to the keywords along with verbal cues. In our multi-session lab study with 52 participants, textual recognition-based scheme offering verbal cues had a significantly higher login success rate (94.23%) compared to the control condition, i.e. textual recognition without verbal cues (61.54%). When users were provided with verbal cues, adding images contributed to faster recognition of the assigned keywords, and thus had an overall improvement in usability. So, we conducted a field study with 54 participants to further examine the usability of graphical recognition-based scheme offering verbal cues, which showed an average login success rate of 98% in a real-life setting and an overall improvement in login performance with more login sessions. These findings show a promising research direction to gain high memorability for system-assigned passwords.

Original languageEnglish (US)
JournalBehaviour and Information Technology
DOIs
StateAccepted/In press - 2020

Keywords

  • field study
  • lab study
  • memorability
  • system-assigned password
  • Usable security

ASJC Scopus subject areas

  • Developmental and Educational Psychology
  • Arts and Humanities (miscellaneous)
  • Social Sciences(all)
  • Human-Computer Interaction

Fingerprint Dive into the research topics of 'On improving the memorability of system-assigned recognition-based passwords'. Together they form a unique fingerprint.

Cite this