research-article

A diary study of password usage in daily life

Authors:
Eiji Hayashi

Carnegie Mellon University, Pittsburgh, Pennsylvania, USA

Carnegie Mellon University, Pittsburgh, Pennsylvania, USA
View Profile

,
Jason Hong

Carnegie Mellon University, Pittsburgh, Pennsylvania, USA

Carnegie Mellon University, Pittsburgh, Pennsylvania, USA
View Profile

CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsMay 2011Pages 2627–2630https://doi.org/10.1145/1978942.1979326

Published:07 May 2011Publication History

CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

Pages 2627–2630

ABSTRACT

While past work has examined password usage on a specific computer, web site, or organization, there is little work examining overall password usage in daily life. Through a diary study, we examine all usage of passwords, and offer some new findings based on quantitative analyses regarding how often people log in, where they log in, and how frequently people use foreign computers. Our analysis also confirms or updates existing statistics about password usage patterns. We also discuss some implications for design as well as security education.

References

A. Adams, M. A. Sasse. Users are not the enemy. Comm. of the ACM (1999. Google ScholarDigital Library
K.R. Walsh, B. Ives, H. Schneider. The Domino Effect of Password Reuse. Comm. of the ACM (2004. Google ScholarDigital Library
S. Gaw, E. W. Felten. Password management strategies for online accounts. In Proc. of SOUPS (2006. Google ScholarDigital Library
D. Florencio, C. Herley. A large-scale study of web password habits. In Proc. of WWW (2007. Google ScholarDigital Library
P. Inglesant and M. A. Sasse. The true cost of unusable password policies: password use in the wild. CHI (2010. Google ScholarDigital Library
R. Shay, S. Komanduri, P. G. Kelley, P.G. Leon, M. L. Mazurek, L. Bauer, N. Christin, L. F. Cranor Encountering stronger password requirements: user attitudes and behaviors. In Porc. of SOUPS (2010). Google ScholarDigital Library
S. Singh, A. Cabraal, C. Demosthenous G. Astbrink M. Furlong. Password sharing: implications for security design based on social practice. In Proc. of CHI (2007. Google ScholarDigital Library
E. F. Gehringer. Choosing passwords: security and human factors. In Proc. of ISTAS (2002.Google ScholarCross Ref
J. Yan, A. Blackwell, R. Anderson, A. Grant. Password memorability and security: Empirical results. IEEE Security & Privacy (2004) vol. 2 (5) pp. 25--3. Google ScholarDigital Library
P. Dourish, E. Grinter, J. D. Flor, M. Joseph. Security in the wild: user strategies for managing security as an everyday, practical problem. Personal and Ubiquitous Computing (2004) vol. 8 (6). Google ScholarCross Ref
1C. Kuo, S. Romanosky, L. Cranor. Human selection of mnemonic phrase-based passwords. SOUPS (2006). Google ScholarDigital Library
D. Florencio, C. Herley, B. Coskun. Do strong web passwords accomplish anything? In Proc. USENIX Hot Topics in Security (2007). Google ScholarDigital Library
Google, http://google.com/adplanner/static/top1000.Google Scholar

Index Terms

A diary study of password usage in daily life

Index terms have been assigned to the content through auto-classification.

Recommendations

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
May 2011
3530 pages
ISBN:9781450302289
DOI:10.1145/1978942
General Chair:
Desney Tan
Microsoft Research
,
Program Chairs:
Geraldine Fitzpatrick
Vienna University of Technology
,
Carl Gutwin
University of Saskatchewan
,
Bo Begole
PARC
,
Wendy A. Kellogg
IBM Research
Copyright © 2011 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 7 May 2011
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
diary study
password
user authentication
Qualifiers
- research-article
Conference

Acceptance Rates
CHI '11 Paper Acceptance Rate410of1,532submissions,27%Overall Acceptance Rate6,199of26,314submissions,24%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 70
  Total Citations
  View Citations
- 1,403
  Total Downloads
- Downloads (Last 12 months)120
- Downloads (Last 6 weeks)14
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

A diary study of password usage in daily life

CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

ABSTRACT

References

Cited By

Index Terms

Recommendations

Password Diary: Large Print, Font, 8.5 by 11 Internet, Web Site Password Keeper, Directory . Alphabetical Organizer Journal Notebook. Big Logbook With 300 places To Record

Password Diary: Internet, Web Site Password Keeper/Directory. Alphabetical Organizer Journal Notebook. Logbook With 300 places To Record Passwords. 104 pages

Pocket Password Book (Password): A discreet internet password organizer