Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets

S. M.Taiabul Haque, Matthew Wright, Shannon Scielzo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Entering a password on a mobile phone requires more effort than entering it on a PC keyboard, especially when using capital letters, digits, and special characters that are considered important for strong passwords. In this study, we examine how these factors affect the construction of passwords on input-constrained devices such as mobile phones. We conducted a between-group experiment with 72 students from the University of Texas at Arlington (UTA), in which we asked the participants to construct new passwords using PC keyboards and mobile phones with different keypad layouts. Passwords constructed by using PC keyboards were stronger than those constructed by touchscreen keypads. Surprisingly, passwords that were constructed by mobile phones with physical keyboards were stronger than those constructed by PC keyboards. We also designed a custom layout for the touchscreen keypad that offers a more convenient method of typing digits and some special characters. Our results show that this custom layout helped the participants to construct stronger passwords on mobile phones. To address an alternative explanation for better performance of the physical keyboard and custom layout groups, we designed a second experiment by removing the potential bias effects of the first experiment. The results of this within-group experiment confirm that if users are presented with a more convenient method of entering digits and special characters on mobile handsets, they take advantage of it to construct stronger passwords. The results also supplement our finding regarding password construction and user engagement from the first experiment and highlight an important design consideration about password construction pages for mobile versions of websites.

Original languageEnglish (US)
Title of host publicationSPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013
Pages105-110
Number of pages6
DOIs
StatePublished - Dec 9 2013
Event3rd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2013, Held in Association with the 20th ACM Conference on Computer and Communications Security, CCS 2013 - Berlin, Germany
Duration: Nov 8 2013Nov 8 2013

Other

Other3rd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2013, Held in Association with the 20th ACM Conference on Computer and Communications Security, CCS 2013
CountryGermany
CityBerlin
Period11/8/1311/8/13

Fingerprint

Telephone sets
Computer keyboards
Mobile phones
Touch screens
Typewriter keyboards
Experiments
Websites
Students

Keywords

  • handsets
  • interface
  • passwords
  • user study

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Cite this

Haque, S. M. T., Wright, M., & Scielzo, S. (2013). Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets. In SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013 (pp. 105-110) https://doi.org/10.1145/2516760.2516767

Passwords and interfaces : Towards creating stronger passwords by using mobile phone handsets. / Haque, S. M.Taiabul; Wright, Matthew; Scielzo, Shannon.

SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013. 2013. p. 105-110.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Haque, SMT, Wright, M & Scielzo, S 2013, Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets. in SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013. pp. 105-110, 3rd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2013, Held in Association with the 20th ACM Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, 11/8/13. https://doi.org/10.1145/2516760.2516767
Haque SMT, Wright M, Scielzo S. Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets. In SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013. 2013. p. 105-110 https://doi.org/10.1145/2516760.2516767
Haque, S. M.Taiabul ; Wright, Matthew ; Scielzo, Shannon. / Passwords and interfaces : Towards creating stronger passwords by using mobile phone handsets. SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013. 2013. pp. 105-110
@inproceedings{2d23b32807c3492497abcb759af0eda5,
title = "Passwords and interfaces: Towards creating stronger passwords by using mobile phone handsets",
abstract = "Entering a password on a mobile phone requires more effort than entering it on a PC keyboard, especially when using capital letters, digits, and special characters that are considered important for strong passwords. In this study, we examine how these factors affect the construction of passwords on input-constrained devices such as mobile phones. We conducted a between-group experiment with 72 students from the University of Texas at Arlington (UTA), in which we asked the participants to construct new passwords using PC keyboards and mobile phones with different keypad layouts. Passwords constructed by using PC keyboards were stronger than those constructed by touchscreen keypads. Surprisingly, passwords that were constructed by mobile phones with physical keyboards were stronger than those constructed by PC keyboards. We also designed a custom layout for the touchscreen keypad that offers a more convenient method of typing digits and some special characters. Our results show that this custom layout helped the participants to construct stronger passwords on mobile phones. To address an alternative explanation for better performance of the physical keyboard and custom layout groups, we designed a second experiment by removing the potential bias effects of the first experiment. The results of this within-group experiment confirm that if users are presented with a more convenient method of entering digits and special characters on mobile handsets, they take advantage of it to construct stronger passwords. The results also supplement our finding regarding password construction and user engagement from the first experiment and highlight an important design consideration about password construction pages for mobile versions of websites.",
keywords = "handsets, interface, passwords, user study",
author = "Haque, {S. M.Taiabul} and Matthew Wright and Shannon Scielzo",
year = "2013",
month = "12",
day = "9",
doi = "10.1145/2516760.2516767",
language = "English (US)",
isbn = "9781450324915",
pages = "105--110",
booktitle = "SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013",

}

TY - GEN

T1 - Passwords and interfaces

T2 - Towards creating stronger passwords by using mobile phone handsets

AU - Haque, S. M.Taiabul

AU - Wright, Matthew

AU - Scielzo, Shannon

PY - 2013/12/9

Y1 - 2013/12/9

N2 - Entering a password on a mobile phone requires more effort than entering it on a PC keyboard, especially when using capital letters, digits, and special characters that are considered important for strong passwords. In this study, we examine how these factors affect the construction of passwords on input-constrained devices such as mobile phones. We conducted a between-group experiment with 72 students from the University of Texas at Arlington (UTA), in which we asked the participants to construct new passwords using PC keyboards and mobile phones with different keypad layouts. Passwords constructed by using PC keyboards were stronger than those constructed by touchscreen keypads. Surprisingly, passwords that were constructed by mobile phones with physical keyboards were stronger than those constructed by PC keyboards. We also designed a custom layout for the touchscreen keypad that offers a more convenient method of typing digits and some special characters. Our results show that this custom layout helped the participants to construct stronger passwords on mobile phones. To address an alternative explanation for better performance of the physical keyboard and custom layout groups, we designed a second experiment by removing the potential bias effects of the first experiment. The results of this within-group experiment confirm that if users are presented with a more convenient method of entering digits and special characters on mobile handsets, they take advantage of it to construct stronger passwords. The results also supplement our finding regarding password construction and user engagement from the first experiment and highlight an important design consideration about password construction pages for mobile versions of websites.

AB - Entering a password on a mobile phone requires more effort than entering it on a PC keyboard, especially when using capital letters, digits, and special characters that are considered important for strong passwords. In this study, we examine how these factors affect the construction of passwords on input-constrained devices such as mobile phones. We conducted a between-group experiment with 72 students from the University of Texas at Arlington (UTA), in which we asked the participants to construct new passwords using PC keyboards and mobile phones with different keypad layouts. Passwords constructed by using PC keyboards were stronger than those constructed by touchscreen keypads. Surprisingly, passwords that were constructed by mobile phones with physical keyboards were stronger than those constructed by PC keyboards. We also designed a custom layout for the touchscreen keypad that offers a more convenient method of typing digits and some special characters. Our results show that this custom layout helped the participants to construct stronger passwords on mobile phones. To address an alternative explanation for better performance of the physical keyboard and custom layout groups, we designed a second experiment by removing the potential bias effects of the first experiment. The results of this within-group experiment confirm that if users are presented with a more convenient method of entering digits and special characters on mobile handsets, they take advantage of it to construct stronger passwords. The results also supplement our finding regarding password construction and user engagement from the first experiment and highlight an important design consideration about password construction pages for mobile versions of websites.

KW - handsets

KW - interface

KW - passwords

KW - user study

UR - http://www.scopus.com/inward/record.url?scp=84889055007&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84889055007&partnerID=8YFLogxK

U2 - 10.1145/2516760.2516767

DO - 10.1145/2516760.2516767

M3 - Conference contribution

AN - SCOPUS:84889055007

SN - 9781450324915

SP - 105

EP - 110

BT - SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013

ER -