Password strength and memorability

Julkunen, Hanna, Ceder Molander, Josefin

January 2016

The society today is dependent on information technology and with the help of the technologymakes it easier to access information. Due to the constantly growing network environment,various techniques of accessing and handling information have developed. One of the mostused solutions to access and protect information is by using a password. The purpose of apassword is to protect sensitive and important data from unauthorized users who intentionallyor accidentally access the system. This can lead to unsolicited modifications of the original dataas well as unauthorized access of confidential information. Humans are those who design theinformation security, but at the same time the ones who are the weakest link in the securitychain. To prevent unauthorized access it is important to have a strong and tamper proofpassword. A good password should be easy to remember, hard to guess by others and bedifficult to predict by a person or software. The goal in this study is to find a good balancebetween a memorable and a secured password. The study will compare three types ofconstructions for password, own set, modified dictionary and association against each other tofind the one which is the strongest and the most memorable.

Password strength

Memorability

Password meters

Levenshtein distance

Experiment

Information Systems