Remembering Passwords: The Role of Instructions

Abstract: Most users follow predictable patterns and create weak passwords because they are unaware how to generate strong, secure passwords (Ur et al., 2015). Yet, more secure, system-generated passwords tend to be more difficult to remember (Vu et al., 2003). The current study examined whether system-generated passwords could be made more memorable through use of different types of instructions that help the users associate text and/or images to the passwords or password components. Over 100 participants were asked to memorize three system-generated passwords for three fake accounts: bank, email and social media, either in a lab-based setting with a moderator or completely online. Participants were given no instructions, text-based instructions, image-based instructions, or a combination of both text and image-based instructions to help them understand and memorize each password. Participants were then asked to recall their password after no delay or a short delay. We found that users were able to remember complex system-generated passwords when provided with detailed text-based or image-based instructions to help the users map the password components to a structure. Our findings did not clearly show which instructional technique was better. Future studies should explore additional instructional techniques for password generation and memorization.

Keywords: passwords, authentification, memory

DOI: 10.54941/ahfe1003020

Cite this paper:

​