You are here: Home » Technology » News » Computers
Business Standard

New phrase-based passwords could make online accounts more secure: Study

The first passphrase system incorporated, in part, a specialised wordlist using simple, common words; a six-word sentence structure that made meaningful sense

Topics
Password  |  United States  |  Facial Recognition

Press Trust of India  |  Washington 

New phrase-based passwords could make online accounts more secure: Study

Scientists have developed a new system that uses passphrases for online authentication, and found it to be more user-friendly and secure than traditional word-based passcodes.

Although passphrases, or phrase-based passwords, have been found to be more secure than traditional passwords, human factors issues such as typographical errors and memorability have slowed their wider adoption.

"Passphrases are more secure than passwords and avoid the various issues with biometric systems like fingerprint or facial recognition," said Kevin Juang, a user experience research manager at SunTrust Bank in the US.

"It's inevitable that we will eventually need to move past traditional passwords, but it's nothing to fear," said Juang.

The study, published in the journal Human Factors, developed and tested two new passphrase systems that seek to address these shortcomings and improve the usability and security of existing passphrase authentication systems.

The first passphrase system incorporated, in part, a specialised wordlist using simple, common words; a six-word sentence structure that made meaningful sense; and a user-created mnemonic picture to assist with recall.

The final result would be a passphrase such as "silly pet wolf ate our pizzas," with an accompanying user-generated illustration.

The second passphrase system replaced the six-word sentence structure with four words randomly drawn from a customized 1,450-word list.

Researchers assessed the usability of their systems against two existing passphrase systems: a user-generated passphrase containing at least 24 characters, and a system-generated passphrase using words randomly drawn from a list of 10,000.

To gauge the success of their new systems, the authors asked 50 adult participants to create, in five minutes, a passphrase and any applicable mnemonic - without writing down what they created.

The participants completed two recall sessions, one immediately following the creation of the four passphrases and one 7 to 11 days later.

Researchers found that memorability was greatly improved under their new systems compared with the existing ones: Second-session recall success rates in this study were 82 per cent for the six-word sentence and 80 per cent for the customized word list, versus only 50 per cent for the user-generated passphrase and 34 per cent for the passphrase created using the 10,000-word list.

Given that study participants were instructed not to write down or practice their passphrases, researchers found that in real-world settings, the success rates for their new systems would likely increase.

"Instead of asking users to juggle both usability and security, which is complicated, let's provide secure passphrases and allow users to do what they do best: make things easier for themselves," Juang said.

"By truly understanding how users think, we can design systems that keep them secure while also being easy to use," he said.

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Dear Reader,


Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.
We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

First Published: Sun, August 05 2018. 18:38 IST
RECOMMENDED FOR YOU
RECOMMENDED FOR YOU