JYX > Opinnäytteet > Väitöskirjat > View Item
Improving the security of multiple passwords through a greater understanding of the human memory
Published inJyväskylä studies in computing
Multiple passwords are an increasing security issue that will only get worse with time. One of the major factors that compromise multiple passwords is users’ memory, and the behaviors they adopt to compensate for its failures. Through studying memory elements that influence users’ password memorability, we may increase our understanding of the user and therefore make proposals to increase the security of the password authentication mechanism. This dissertation examines the human memory to understand password security behaviors; and moreover, develops new theories and revises prominent memory theories for the password context. This research employs memory theories to not only increase the memorability of passwords, but to also improve the security of them by means of three studies that examine users’ beliefs and awareness (metamemory) about how their memory affects their password memorability and insecure password behavior; and look to increasing password memorability through improving learning (repetition through verification), and retrieval (through uniqueness). Empirical longitudinal studies collecting objective and subjective data measuring password recall (over 10000 passwords), memory interference, memory performance, memory beliefs, user convenience, and insecure password behavior. Through collecting objective password recall data, the results of these studies challenge users’ preconceptions about justifying their adoption of insecure password behaviors. Furthermore, it challenges the assumption of trade-offs between password security, memorability and user convenience found in previous password research. In meeting the objectives of the dissertation, this research has significant practical implications for organizations and individual users. Through a greater understanding of the human memory this can inform users to adopt better password security practices. The implications of these results suggest how to increase password memorability, how to decrease password forgetting, and how to decrease insecure password behaviors and the consequences of such insecure behaviors (such as security breaches). ...
PublisherUniversity of Jyväskylä
ISSN Search the Publication Forum1456-5390
MetadataShow full item record
- Väitöskirjat 
Showing items with similar title or keywords.
Too many passwords? : How understanding our memory can increase password memorability Woods, Naomi; Siponen, Mikko (Academic Press, 2018)Passwords are the most common authentication mechanism, that are only increasing with time. Previous research suggests that users cannot remember multiple passwords. Therefore, users adopt insecure password practices, such ...
The Light Side of Passwords : Turning Motivation from the Extrinsic to the Intrinsic Woods, Naomi (Association for Information Systems, 2019)There are many good and bad aspects to password authentication. They are mostly without cost, securing many accounts and systems, and allowing users access from anywhere in the world. However, passwords can elicit dark ...
Improving Password Memorability, While Not Inconveniencing the User Woods, Naomi; Siponen, Mikko (Academic Press, 2019)Passwords are the most frequently used authentication mechanism. However, due to increased password numbers, there has been an increase in insecure password behaviors (e.g., password reuse). Therefore, new and innovative ...
Password usage, management, and perceptions of expert users Temonen, Saku (2020)Ihmisten tietoturva kautta maailman riippuu salasanojen varassa, mutta salasana todennusmenetelmänä toimii tarkoitetulla tavalla vain, jos käyttäjät noudattavat turvallisia salasanakäytänteitä. Siitä huolimatta tietoturvan ...
Frequently Using Passwords Increases Their Memorability - A False Assumption or Reality? Woods, Naomi (AIS Electronic Library (AISeL), 2017)Password memorability is a significant problem that is getting worse as the numbers grow. As a direct result of memory limitations, adopted insecure password practices have substantial consequences as organizations lose ...