Usability of Humanly Computable Passwords

Authors

  • Samira Samadi Georgia Institute of Technology
  • Santosh Vempala Georgia Institute of Technology
  • Adam Kalai Microsoft Research

DOI:

https://doi.org/10.1609/hcomp.v6i1.13333

Keywords:

Humanly Computable, Password Strategy, Usability Study

Abstract

Reusing passwords across multiple websites is a common practice that compromises security. Recently, Blum and Vempala have proposed password strategies to help people calculate, in their heads, passwords for different sites without dependence on third-party tools or external devices. Thus far, the security and efficiency of these "mental algorithms" has been analyzed only theoretically. But are such methods usable? We present the first usability study of humanly computable password strategies, involving a learning phase (to learn a password strategy), then a rehearsal phase (to login to a few websites), and multiple follow-up tests. In our user study, with training, participants were able to calculate a deterministic eight-character password for an arbitrary new website in under 20 seconds.

Downloads

Published

2018-06-15

How to Cite

Samadi, S., Vempala, S., & Kalai, A. (2018). Usability of Humanly Computable Passwords. Proceedings of the AAAI Conference on Human Computation and Crowdsourcing, 6(1), 174-183. https://doi.org/10.1609/hcomp.v6i1.13333

Issue

Vol. 6 (2018): Sixth AAAI Conference on Human Computation and Crowdsourcing

Section

Technical Papers