Next: Informal Low-fi Prototype testing
Up: User Study
Previous: User Study
To analyze the task of password authentication, we interviewed thirty
people about their password behavior. While the sample size is small, our
findings mirror the results of other, larger surveys on the subject
[AS99].
- Participants have 10-50 situations in which a password is required, but
only 1-7 unique passwords, which they reuse across those situations. Many
of these unique passwords are variations on one another, chosen to aid
memorability.
- Users have a variety of ways of coming up with passwords they can
remember. In most cases, people choose something personally meaningful to
them (e.g., their own names, family members' names, phone numbers, favorite
movies). When asked to change a password, most use a variation on a
previous one. The average password length is 6 characters, and the majority
of passwords consist of alphabetic characters followed by one or two
digits.
- The vast majority of participants write their passwords down, regardless
of whether they are novices or experts or have been trained in password
security. Some have a policy of writing all passwords down; others write
passwords down only until they have memorized them, or write down only
infrequently used passwords. Some users store their passwords in PDAs.
- System restrictions do affect password behavior. In general, users expend
the minimum effort required to manage their passwords: for example, some
make passwords alphanumeric or insert special characters only when
required, and most never changed a password unless required to do so.
However, restrictions do not prevent users from finding workarounds or
engaging in other insecure behavior. One user likes having only one
password to remember, so whenever she is required to change any password,
she changes all of her other passwords to match it.
- The level of security education or training also does not appear to have
any impact on behavior. Although most users have received some sort of
password security training, they ignored it, stating that it was too
cumbersome or simply impractical to follow.
- Some users who speak a language other than English reported using their
own names or common words from their native language as passwords, because
"if it is not in English, it is hard for hackers to break". Our users were
apparently unaware that multilingual password-cracking dictionaries exist:
a common word in any natural language is still a dictionary word, and
cracking wordlists are readily compiled for many languages.
- An interesting finding is that people viewed the ability to share
passwords with others as a feature. Almost all participants shared their
bank PIN with family or friends, and several users shared account passwords
with others because this was a convenient way to collaborate, share
information or transfer files.
- All participants expressed strong dislike of and frustration with their
experiences remembering, using and losing passwords. Yet, surprisingly,
most people preferred passwords to the alternatives. For example, many
disliked hardware tokens because they had lost or misplaced them. A couple
of participants who had experience with biometrics (fingerprint readers)
felt that these systems were unreliable and performed poorly compared to
passwords. Others disliked biometrics because of perceived privacy threats.
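Two of the findings above, the typical password shape (a word, possibly
capitalized, followed by one or two digits) and the belief that a word in a
language other than English is hard to crack, can be made concrete with a
small guess generator. The following Python script is an added example and
is not part of the original study; its seed wordlist and mangling rules are
constructed for illustration, whereas real cracking dictionaries hold
millions of words across many languages and apply far more rules. It
enumerates the guesses such rules produce, reports the rank at which a given
password would be hit, and compares the size of that guess space with the
nominal keyspace of a uniformly random alphanumeric string.

```python
"""
Added example, not part of the original study: a small guess generator
showing (1) that passwords shaped like those the participants described
fall in a guess space tiny next to the nominal alphanumeric keyspace, and
(2) that a word in any language is just another dictionary entry once it
appears in the attacker's wordlist. Wordlist and rules are constructed.
"""
import itertools
import math
import string

# Constructed multilingual seed wordlist (English, Spanish, French, German
# words); a real cracking dictionary is vastly larger.
SEED_WORDS = ["secret", "maria", "casa", "amour", "schatz", "cheval", "sol"]


def mangle(word):
    """Yield guesses in the shape the study reports: the word in three
    common case forms, each bare and with one or two digits appended."""
    # dict.fromkeys keeps insertion order while dropping duplicates
    # (a single-letter word, for instance, has only two distinct forms).
    for variant in dict.fromkeys([word.lower(), word.capitalize(), word.upper()]):
        yield variant
        for suffix_len in (1, 2):
            for digits in itertools.product(string.digits, repeat=suffix_len):
                yield variant + "".join(digits)


def generate_candidates(words):
    """Yield every guess for the wordlist, without repeats, in a fixed order."""
    seen = set()
    for word in words:
        for guess in mangle(word):
            if guess not in seen:
                seen.add(guess)
                yield guess


def candidate_count(words):
    """Total number of distinct guesses produced for the wordlist."""
    return sum(1 for _ in generate_candidates(words))


def guess_rank(target, words):
    """1-based position at which the target would be guessed, or None if
    the rules above never produce it (e.g. a four-digit suffix)."""
    for rank, guess in enumerate(generate_candidates(words), start=1):
        if guess == target:
            return rank
    return None


def keyspace_word_plus_digits(dictionary_size, case_forms=3):
    """Upper bound on guesses for 'dictionary word + 0, 1 or 2 digits'."""
    return dictionary_size * case_forms * (1 + 10 + 100)


def keyspace_uniform(length, alphabet_size=62):
    """Keyspace of a uniformly random string over an alphabet
    (62 = upper-case and lower-case letters plus digits)."""
    return alphabet_size ** length


def bits(keyspace):
    """Keyspace expressed as bits of entropy."""
    return math.log2(keyspace)


if __name__ == "__main__":
    print("guesses for", len(SEED_WORDS), "seed words:", candidate_count(SEED_WORDS))
    for pw in ("maria7", "Schatz99", "cheval7", "casa2000"):
        print(f"{pw!r}: guessed at rank {guess_rank(pw, SEED_WORDS)}")
    # A million-word multilingual dictionary with these rules versus an
    # 8-character uniformly random alphanumeric string.
    print(f"word+digits, 1M words: {bits(keyspace_word_plus_digits(1_000_000)):.1f} bits")
    print(f"random 8-char alnum:   {bits(keyspace_uniform(8)):.1f} bits")
```

With a million-word dictionary the word-plus-digits space is about 2^28
guesses, against roughly 2^48 for an 8-character random alphanumeric
string; the German "Schatz99" and the French "cheval7" are found in the
first two thousand guesses from a seven-word list, exactly as an English
word would be.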
Adrian Perrig
Thu Jun 15 15:16:10 PDT 2000