Abstract
As one of the most common authentication methods, passwords help secure information by granting access only to authorized parties. To be effective, passwords should be strong, secret, and memorable. While password strength can be enforced by automated information technology policies, users frequently jeopardize secrecy to improve memorability. The password memorability problem is exacerbated by the number of different passwords a user is required to remember. While short-term memory theories have been applied to individual-password management problems, the relationship between memory and the multiple-password problem has not been examined. This paper treats the multiple-password management crisis as a search and retrieval problem involving human beings’ long-term memory. We propose that interference between different passwords is one of the major challenges to multiple-password recall and that interference alleviation methods can significantly improve multiple-password recall. A lab experiment was conducted to examine the effectiveness of two interference alleviation methods: the list reduction method and the unique identifier method. While both methods improve multiple-password recall performance, the list reduction method leads to statistically significant improvement. The results demonstrate the potential merit of practices targeting multiple-password interference. By introducing long-term memory theory to multiple-password memorability issues, this study presents implications benefiting users and serves as the potential starting point for future research.
Additional information
Notes on contributors
Jie Zhang
Jie Zhang is an assistant professor in the Department of Computer Information Systems at Virginia State University, U.S.A. She received her Ph.D. degree in Management Information Systems from the University of Mississippi. Her research interests include behavioral information security, privacy, and SMEs information systems management. She can be reached at [email protected].
Xin Luo
Xin Luo is an assistant professor of Management Information Systems and Information Assurance in Robert O. Anderson School of Management at The University of New Mexico, U.S.A. He is the Associate Director of Center for Information Assurance Research and Education at UNM. He received his Ph.D. in Information Systems from Mississippi State University. His research interests center around information security, E-commerce/M-commerce, and global IT adoption and management. He has published research papers in journals including Communications of the ACM, Journal of the AIS, Communications of the AIS, Journal of Organizational and End User Computing, Cross-Cultural Management: An International Journal, Information Management & Computer Security, Journal of Information Privacy and Security, International Journal of Information Security & Privacy, Information Systems Security, and Journal of Internet Banking and Commerce, etc. He can be reached at [email protected].
Somasheker Akkaladevi
Somasheker Akkaladevi is an assistant professor of Computer Information Systems at Virginia State University, U.S.A. He received his Ph.D. in Computer Science from Georgia State University. His research interests include Artificial Intelligence, Bio-Informatics, Computer Networks, Computer Architecture, Algorithms, Parallel and Distributed Computing. He has published research papers in journals and conferences including The Journal of Cluster Computing, International Journal of Foundations of Computer Science, Soft Computing, 21st IEEE International Parallel & Distributed Processing Symposium, Second International Conference on Neural Networks and Brain, IEEE International Midwest Symposium on Circuits and System, 26th Annual International Conference of the IEEE Engineering in Medicine and Biology Society, and The Sixth IEEE International Workshop on Nature Inspired Distributed Computing, etc. He can be reached at [email protected].
Jennifer Ziegelmayer
Jennifer Ziegelmayer is an Instructor of Computer Information Systems at Delta State University and a doctoral candidate at The University of Mississippi. Her research interests focus on IT personnel issues including counterproductivity, organizational citizenship behavior, and accountability. In addition, she studies information security, privacy, and the use of social networking applications. Her research has been published in journals including the Journal of Computer Information Systems and Information Systems Frontiers. She can be reached at [email protected].