Published: August 02, 2015
Author(s)
Kristen Greene (NIST)
Conference
Name: 3rd International Conference on Human Aspects of Information Security, Privacy and Trust
Dates: August 2-7, 2015
Location: Los Angeles, California, United States
Citation: Human Aspects of Information Security, Privacy, and Trust: Third International Conference, HAS 2015, Lecture Notes in Computer Science vol. 9190, pp. 59-70
The current work examines subjective password usability across platforms—desktop, smartphone, and tablet—using system-generated passwords that adhere to the stricter password requirements found in higher-security enterprise environments. This research builds upon a series of studies at the United States National Institute of Standards and Technology (NIST) by testing a previously proposed idea of password permutation: grouping like character classes together in order to improve password usability. Password permutation improves mobile device entry by reducing the number of onscreen keyboard changes required to enter numbers and symbols. Across devices, participants rated the longer (length 14) permuted passwords as easier to type than the shorter (length 10) non-permuted passwords. This demonstrates that the composition and structure of a password are important; people are sensitive to factors beyond simply password length. By combining qualitative and quantitative research, we will ultimately arrive at a more complete understanding of how password construction impacts usability.
The current work examines subjective password usability across platforms—desktop, smartphone, and tablet—using system-generated passwords that adhere to the stricter password requirements found in higher-security enterprise environments. This research builds upon a series of studies at the United...
See full abstract
The current work examines subjective password usability across platforms—desktop, smartphone, and tablet—using system-generated passwords that adhere to the stricter password requirements found in higher-security enterprise environments. This research builds upon a series of studies at the United States National Institute of Standards and Technology (NIST) by testing a previously proposed idea of password permutation: grouping like character classes together in order to improve password usability. Password permutation improves mobile device entry by reducing the number of onscreen keyboard changes required to enter numbers and symbols. Across devices, participants rated the longer (length 14) permuted passwords as easier to type than the shorter (length 10) non-permuted passwords. This demonstrates that the composition and structure of a password are important; people are sensitive to factors beyond simply password length. By combining qualitative and quantitative research, we will ultimately arrive at a more complete understanding of how password construction impacts usability.
Hide full abstract
Keywords
passwords; authentication; security; mobile text entry; typing; touchscreens; smartphones; tablets; password permutation; chunking
Control Families
None selected