Entering a password on a mobile phone requires more effort than entering it on a PC keyboard, especially when using capital letters, digits, and special characters that are considered important for strong passwords. In this study, we examine how these factors affect the construction of passwords on input-constrained devices such as mobile phones. We conducted a between-group experiment with 72 students from the University of Texas at Arlington (UTA), in which we asked the participants to construct new passwords using PC keyboards and mobile phones with different keypad layouts. Passwords constructed by using PC keyboards were stronger than those constructed by touchscreen keypads. Surprisingly, passwords that were constructed by mobile phones with physical keyboards were stronger than those constructed by PC keyboards. We also designed a custom layout for the touchscreen keypad that offers a more convenient method of typing digits and some special characters. Our results show that this custom layout helped the participants to construct stronger passwords on mobile phones. To address an alternative explanation for better performance of the physical keyboard and custom layout groups, we designed a second experiment by removing the potential bias effects of the first experiment. The results of this within-group experiment confirm that if users are presented with a more convenient method of entering digits and special characters on mobile handsets, they take advantage of it to construct stronger passwords. The results also supplement our finding regarding password construction and user engagement from the first experiment and highlight an important design consideration about password construction pages for mobile versions of websites.