Remembering Passwords: The Role of Instructions

Abstract

Most users follow predictable patterns and create weak passwords because they are unaware how to generate strong, secure passwords (Ur et al., 2015). Yet, more secure, system-generated passwords tend to be more difficult to remember (Vu et al., 2003). The current study examined whether system-generated passwords could be made more memorable through use of different types of instructions that help the users associate text and/or images to the passwords or password components. Over 100 participants were asked to memorize three system-generated passwords for three fake accounts: bank, email and social media, either in a lab-based setting with a moderator or completely online. Participants were given no instructions, text-based instructions, image-based instructions, or a combination of both text and image-based instructions to help them understand and memorize each password. Participants were then asked to recall their password after no delay or a short delay. We found that users were able to remember complex system-generated passwords when provided with detailed text-based or image-based instructions to help the users map the password components to a structure. Our findings did not clearly show which instructional technique was better. Future studies should explore additional instructional techniques for password generation and memorization.

Keywords: passwords, authentification, memory

DOI: 10.54941/ahfe1003020