Abstract | ||
---|---|---|
Background. Text-based passwords continue to be the primary form of authentication to computer systems. Today, they are increasingly created and used with mobile text entry methods, such as touchscreen qwerty keyboards, in addition to traditional physical keyboards. Aim. This paper aims to answer a foundational question for usable security: whether text entry methods affect password generation and password security. Method. This paper presents results from a betweengroup study with 63 participants, in which each group generated passwords for multiple virtual accounts using different text entry methods. Participants were also asked to recall their passwords afterwards. Results. One-way ANOVA across groups was performed on metrics including password length, amount of different characters, and estimated password security. The results showed significant effect of text entry methods on the amount of lowercase letters per password across groups (F(2,60 )= 3.186, p = .048, � 2 = .066), and non-significant effect on the password length, amount of uppercase letters, digits or symbols. No significant result was found for the estimated password security. The result of practical cracking attacks was also similar across groups. Conclusions. Text entry methods have effect on password security. However, the effect is subtler than expected. |
Year | Venue | Field |
---|---|---|
2014 | arXiv: Cryptography and Security | USable,Internet privacy,Password strength,Authentication,Computer security,Computer science,Password psychology,S/KEY,One-time password,Password,Cognitive password |
DocType | Volume | Citations |
Journal | abs/1403.1910 | 5 |
PageRank | References | Authors |
0.43 | 24 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Yulong Yang | 1 | 74 | 4.99 |
Janne Lindqvist | 2 | 685 | 42.58 |
Antti Oulasvirta | 3 | 3131 | 217.78 |