Cognitive Strategies for Creating and Managing Passwords for Multiple Accounts
Twenty Six employees and students of a UNC department were interviewed about their password practices with focus on specific strategies for password construction, handling forced password changes, password reuse, mental organization of account information and password recall. These strategies appear to be evolving over time reflecting growing security awareness and the need to accommodate the increasing number and variety of accounts. They are heavily influenced by organizational password policies and rules. Other significant factors are user convenience and sensitivity of password protected information. People using elaborate mental strategies for creating account specific passwords appear to be more successful with managing their password information than those attempting to utilize some of their existing passwords for new accounts.
Evolutionary Model of password behaviors is proposed as a framework for stydying this topic.
School Location:USA - North Carolina
Source Type:Master's Thesis
Keywords:personal information management – password security selection user behavior
Date of Publication:04/04/2008