Long Passphrases: Potentials and Limits

by   Christopher Bonk, et al.

Passphrases offer an alternative to traditional passwords which aim to be stronger and more memorable. However, users tend to choose short passphrases with predictable patterns that may reduce the security they offer. To explore the potential of long passphrases, we formulate a set of passphrase policies and guidelines aimed at supporting their creation and use. Through a 39-day user study we analyze the usability and security of passphrases generated using our policies and guidelines. Our analysis indicates these policies lead to reasonable usability and promising security for some use cases, and that there are some common pitfalls in free-form passphrase creation. Our results suggest that our policies can support the use of long passphrases.


page 1

page 2

page 3

page 4


Measuring Website Password Creation Policies At Scale

Researchers have extensively explored how password creation policies inf...

Increasing the Security of Weak Passwords: the SPARTAN Interface

Password authentication suffers from the well-known tradeoff between sec...

A Study on Priming Methods for Graphical Passwords

Recent work suggests that a type of nudge or priming technique called th...

Security Mental Model: Cognitive map approach

Security models have been designed to ensure data is accessed and used i...

How to Make Privacy Policies both GDPR-Compliant and Usable

It is important for organisations to ensure that their privacy policies ...

Systematic Analysis and Comparison of Security Advice Datasets

A long list of documents have been offered as security advice, codes of ...

Please sign up or login with your details

Forgot password? Click here to reset