Paper Info
Title
Does my password go up to eleven?: the impact of password meters on password selection
Abstract
Password meters tell users whether their passwords are "weak" or "strong." We performed a laboratory experiment to examine whether these meters influenced users' password selections when they were forced to change their real passwords, and when they were not told that their passwords were the subject of a study. We observed that the presence of meters yielded significantly stronger passwords. We performed a followup field experiment to test a different scenario: creating a password for an unimportant account. In this scenario, we found that the meters made no observable difference: participants simply reused weak passwords that they used to protect similar low-risk accounts. We conclude that meters result in stronger passwords when users are forced to change existing passwords on "important" accounts and that individual meter design decisions likely have a marginal impact.
Year
DOI
Venue
2013
10.1145/2470654.2481329
CHI
Keywords
Field
DocType
weak password,real password,individual meter design decision,laboratory experiment,stronger password,password meter,followup field experiment,different scenario,password selection,meters result,passwords,security
Internet privacy,Password strength,Computer science,Computer security,Laboratory experiment,Password policy,Password,Metre (music),Cognitive password
Conference
Citations 
PageRank 
References 
66
1.93
19
Authors
5
Name
Order
Citations
PageRank
Serge Engelman11914109.94
Andreas Sotirakopoulos21105.29
Ildar Muslukhov341518.51
Konstantin Beznosov41521105.47
C. Herley52424315.41