000000282 001__ 282
000000282 005__ 20130522141940.0
000000282 037__ $$aLERSSE-RefConfPaper-2013-001
000000282 100__ $$aSerge Egelman
000000282 245__ $$aDoes My Password Go up to Eleven? The Impact of Password Meters on Password Selection
000000282 260__ $$c2013-01-23
000000282 300__ $$a10
000000282 520__ $$aPassword meters tell users whether their passwords are "weak" or "strong." We performed a laboratory experiment to examine whether these meters influenced users' password selections when they were forced to change their real passwords, and when they were not told that their passwords were the subject of a study. We observed that the presence of meters yielded significantly stronger passwords. We performed a followup field experiment to test a different scenario: creating a password for an unimportant account. In this scenario, we found that the meters made no observable difference: participants simply reused weak passwords that they used to protect similar low-risk accounts. We conclude that meters result in stronger passwords when users are forced to change existing passwords on "important" accounts and that individual meter design decisions likely have a marginal impact.
000000282 700__ $$aAndreas Sotirakopoulos
000000282 700__ $$aIldar Muslukhov
000000282 700__ $$aKonstantin Beznosov
000000282 700__ $$aCormac Herley
000000282 8560_ $$fildarm@ece.ubc.ca
000000282 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/282/files/282.pdf$$yTransfer from CDS 0.99.7
000000282 909C4 $$pSerge Egelman, Andreas Sotirakopoulos, Ildar Muslukhov, Konstantin Beznosov, and Cormac Herley. Does My Password Go up to Eleven? The Impact of Password Meters on Password Selection. In Proceedings of Computer-Human Interaction conference, April 2013.
000000282 980__ $$aRefConfPaper