Publication Details
Download |
Tobias Seitz, Heinrich Hussmann
PASDJO: Quantifying Password Strength Perceptions with an Online Game In Proceedings of the 29th Australian Conference on Human-Computer Interaction, Brisbane, QLD, Australia (bib) |
Users often fail to create strong passwords. Besides lack of motivation, another possible explanation are misconceptions about the factors that contribute to password strength. Such misconceptions play an important role for the design of feedback systems during password selection. In this paper, we present an online game that helps quantifying the perception of password strength. Players score points by rating the strength of passwords accurately under time pressure. We analyzed the usage logs from the first four months after rollout. We found that users underestimate passphrases by 1.4 points on a 5-point strength scale, while their other ratings are fairly consistent with our estimates. Although we used a different methodology, we were able to corroborate related findings and narrow down the features that users think contribute to password strength. We highlight how the data collected through PASDJO can help designing better password feedback and boost user experience during account creation. |