Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets

S. M.Taiabul Haque, Matthew Wright, Shannon Scielzo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

Entering a password on a mobile phone requires more effort than entering it on a PC keyboard, especially when using capital letters, digits, and special characters that are considered important for strong passwords. In this study, we examine how these factors affect the construction of passwords on input-constrained devices such as mobile phones. We conducted a between-group experiment with 72 students from the University of Texas at Arlington (UTA), in which we asked the participants to construct new passwords using PC keyboards and mobile phones with different keypad layouts. Passwords constructed by using PC keyboards were stronger than those constructed by touchscreen keypads. Surprisingly, passwords that were constructed by mobile phones with physical keyboards were stronger than those constructed by PC keyboards. We also designed a custom layout for the touchscreen keypad that offers a more convenient method of typing digits and some special characters. Our results show that this custom layout helped the participants to construct stronger passwords on mobile phones. To address an alternative explanation for better performance of the physical keyboard and custom layout groups, we designed a second experiment by removing the potential bias effects of the first experiment. The results of this within-group experiment confirm that if users are presented with a more convenient method of entering digits and special characters on mobile handsets, they take advantage of it to construct stronger passwords. The results also supplement our finding regarding password construction and user engagement from the first experiment and highlight an important design consideration about password construction pages for mobile versions of websites.

Original languageEnglish (US)
Title of host publicationSPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013
Pages105-110
Number of pages6
DOIs
StatePublished - 2013
Event3rd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2013, Held in Association with the 20th ACM Conference on Computer and Communications Security, CCS 2013 - Berlin, Germany
Duration: Nov 8 2013Nov 8 2013

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other3rd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2013, Held in Association with the 20th ACM Conference on Computer and Communications Security, CCS 2013
CountryGermany
CityBerlin
Period11/8/1311/8/13

Keywords

  • handsets
  • interface
  • passwords
  • user study

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets'. Together they form a unique fingerprint.

  • Cite this

    Haque, S. M. T., Wright, M., & Scielzo, S. (2013). Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets. In SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013 (pp. 105-110). (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/2516760.2516767