Remembering Passwords: The Role of Instructions
Authors: Kim-Phuong L. Vu, Ha Nguyen, Uyen Bui
Abstract: Most users follow predictable patterns and create weak passwords because they are unaware how to generate strong, secure passwords (Ur et al., 2015). Yet, more secure, system-generated passwords tend to be more difficult to remember (Vu et al., 2003). The current study examined whether system-generated passwords could be made more memorable through use of different types of instructions that help the users associate text and/or images to the passwords or password components. Over 100 participants were asked to memorize three system-generated passwords for three fake accounts: bank, email and social media, either in a lab-based setting with a moderator or completely online. Participants were given no instructions, text-based instructions, image-based instructions, or a combination of both text and image-based instructions to help them understand and memorize each password. Participants were then asked to recall their password after no delay or a short delay. We found that users were able to remember complex system-generated passwords when provided with detailed text-based or image-based instructions to help the users map the password components to a structure. Our findings did not clearly show which instructional technique was better. Future studies should explore additional instructional techniques for password generation and memorization.
Keywords: passwords, authentification, memory
Cite this paper: