Applying Chunking Theory in Organizational Password Guidelines

Carstens, Deborah Sater; Malone, Linda C.; McCauley-Bell, Pamela

doi:10.28945/150

Cited by 8 publications

(10 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Yan and coworkers (2004) recommended the use of mnemonic phrases, where the first letters of each word in a phrase are used as a password. Carstens, Malone, and Bell (2006) suggested using passwords consisting of meaningful chunks to improve password recall. Another type of password, the graphical password, is gaining popularity due to people's superior memory for pictures over texts (Dhamija and Perrig 2000).…”

Section: Theoretical and Practical Implicationsmentioning

confidence: 99%

Am I Really at Risk? Determinants of Online Users' Intentions to Use Strong Passwords

Zhang¹,

McDowell

2009

Journal of Internet Commerce

View full text Add to dashboard Cite

By using the protection motivation theory, this article tests a model of password protection intentions for online users. Hypotheses are proposed concerning the intention to engage in good password practices. Data were collected from 182 college students of 3 universities in the southern United States. The results suggest that fear, response cost, and response efficacy are significantly related to online password protection intentions. However, perceived severity and vulnerability are not significant predictors. The study suggests that reducing cognitive costs for passwords is imperative.

show abstract

Section: Theoretical and Practical Implicationsmentioning

confidence: 99%

Am I Really at Risk? Determinants of Online Users' Intentions to Use Strong Passwords

Zhang¹,

McDowell

2009

Journal of Internet Commerce

View full text Add to dashboard Cite

show abstract

“…Some of these studies are small and focus on targeted populations, such as undergraduates [9,41,54]. Others are larger online studies with a more diverse population [30,51].…”

Section: Password Corporamentioning

confidence: 99%

“…Others are larger online studies with a more diverse population [30,51]. In some cases, users are asked to create passwords for a low-value account associated with the study [9,31].…”

Section: Password Corporamentioning

confidence: 99%

Measuring password guessability for an entire university

Mazurek

Komanduri

Vidas

et al. 2013

Proceedings of the 2013 ACM SIGSAC Conference on Computer &Amp; Communications Security - CCS '13

164

View full text Add to dashboard Cite

Despite considerable research on passwords, empirical studies of password strength have been limited by lack of access to plaintext passwords, small data sets, and password sets specifically collected for a research study or from low-value accounts. Properties of passwords used for high-value accounts thus remain poorly understood.We fill this gap by studying the single-sign-on passwords used by over 25,000 faculty, staff, and students at a research university with a complex password policy. Key aspects of our contributions rest on our (indirect) access to plaintext passwords. We describe our data collection methodology, particularly the many precautions we took to minimize risks to users. We then analyze how guessable the collected passwords would be during an offline attack by subjecting them to a state-of-the-art password cracking algorithm. We discover significant correlations between a number of demographic and behavioral factors and password strength. For example, we find that users associated with the computer science school make passwords more than 1.8 times as strong as those of users associated with the business school. In addition, we find that stronger passwords are correlated with a higher rate of errors entering them.We also compare the guessability and other characteristics of the passwords we analyzed to sets previously collected in controlled experiments or leaked from low-value accounts. We find more consistent similarities between the university passwords and passwords collected for research studies under similar composition policies than we do between the university passwords and subsets of passwords leaked from low-value accounts that happen to comply with the same policies.

show abstract

“…They found that using two, three, and even four chunks of information improved memory for passwords and reduced the need for participants to refer to a written password. Although there was no statistically significant differ ence between the chunking conditions, Carstens et al (2006) found that using personally meaningful chunks of information in passwords improved memory compared to that of a sevencharacter password with no meaningful information incor porated in it. Brown et al (2004) found that half of all password constructions in their study consisted of proper names and birthdays with twothirds of passwords containing information about the self or personal elements, which makes it reasonable to suggest that these personally meaningful chunks do indeed aid memory.…”

Section: Effects Of Password Type and Memory Techniques On User Passwmentioning

confidence: 62%

“…Despite this, the usefulness of chunking in aiding memory is certainly still worth consideration today as pointed out by Carstens, Malone, and McCauleyBell (2006), who found chunking mean ingful information into passwords to be beneficial. In their study, Carstens et al (2006) explored the use of meaningful chunks of information and different password lengths. They found that using two, three, and even four chunks of information improved memory for passwords and reduced the need for participants to refer to a written password.…”

Section: Effects Of Password Type and Memory Techniques On User Passwmentioning

confidence: 99%

Does Fitness Priming Influence Self- and Other-Judgements of Personal and Physical Characteristics?

Burris¹,

Brownlow²,

Lins³

2016

PsiChiJournal

View full text Add to dashboard Cite

As I write these lines, Psi Chi Journal of Psychological Research has fully transitioned to the editorial stew ardship of Dr. Debi Brannan. It is a bittersweet time; I treasured deeply the tasks of editing the Psi Chi Journal. For nearly 5 years, I benefitted from reading cuttingedge research in broad topics across psy chology. I was inspired by the knowledge that most of the authors were upandcoming researchers whose sense of efficacy could be nurtured through a positive publication experience. I reveled in the beauty of watching undergraduate and graduate researchers shine, faculty mentors nurture our next generation of researchers, and colleagues support Psi Chi Journal authors in putting forth the best possible work. I retain a sense of awe at watching a community of scholars seamlessly collaborate for the greater good of science and psychology. I step down with a sense of having gained much more than I contributed. This editorial summarizes the road we-the editorial team-traveled during my years as editor of this fine Journal. The Journal edito rial team accomplishments since November of 2011 and until July of 2016 included advances in both structure and function of the Journal. Psi Chi Journal's notable changes in the 2011-16 period include a name change, expansion of author submissions, a shift from paper to online submis sions, and indexing in EBSCO Academic Search Complete and PsycINFO. We also created a Google Scholar profile. These changes were intended to increase the visibility, and thus impact, of Psi Chi Journal in the field. Increasing author submissions would allow us to increase the selectivity of pub lished works. Increased visibility through indexing increases the probability of citation. Google Scholar allowed us to track the impact of specific articles and to calculate an h index for the Journal. At the time of this printing, the h index for the Journal was WINTER 2016 PSI CHI JOURNAL OF PSYCHOLOGICAL RESEARCH

show abstract

Applying Chunking Theory in Organizational Password Guidelines

Cited by 8 publications

References 22 publications

Am I Really at Risk? Determinants of Online Users' Intentions to Use Strong Passwords

Am I Really at Risk? Determinants of Online Users' Intentions to Use Strong Passwords

Measuring password guessability for an entire university

Does Fitness Priming Influence Self- and Other-Judgements of Personal and Physical Characteristics?

Contact Info

Product

Resources

About