Cognitive Strategies for Creating and Managing Passwords for Multiple Accounts

by Polevoi, Kampov

Abstract (Summary)
This study identifies some cognitive strategies that people use to keep track of passwords for various electronic systems, including approaches to password construction and methods for remembering which password is used for which system.

Twenty Six employees and students of a UNC department were interviewed about their password practices with focus on specific strategies for password construction, handling forced password changes, password reuse, mental organization of account information and password recall. These strategies appear to be evolving over time reflecting growing security awareness and the need to accommodate the increasing number and variety of accounts. They are heavily influenced by organizational password policies and rules. Other significant factors are user convenience and sensitivity of password protected information. People using elaborate mental strategies for creating account specific passwords appear to be more successful with managing their password information than those attempting to utilize some of their existing passwords for new accounts.

Evolutionary Model of password behaviors is proposed as a framework for stydying this topic.

Bibliographical Information:


School:University of North Carolina at Chapel Hill

School Location:USA - North Carolina

Source Type:Master's Thesis

Keywords:personal information management – password security selection user behavior


Date of Publication:04/04/2008

© 2009 All Rights Reserved.