A passphrase can keep your online data safe
PTI | Aug 7, 2018, 03:12PM IST
WASHINGTON: Scientists have developed a new system that uses passphrases for online authentication, and found it to be more user-friendly and secure than traditional wordbased passcodes.
Although passphrases, or phrase-based passwords, have been found to be more secure than traditional passwords, factors like typographical errors and memorability have slowed down their wider adoption.
“Passphrases are more secure than passwords and avoid the various issues with biometric systems like fingerprint or facial recognition,” said Kevin Juang, a user experience research manager at SunTrust Bank in the US.
“It’s inevitable that we will eventually need to move past traditional passwords, but it’s nothing to fear,” said Juang.
The study, published in the journal Human Factors, developed and tested two new passphrase systems that seek to address these shortcomings and improve the usability and security of existing passphrase authentication systems. The first passphrase system incorporated, in part, a specialised wordlist using simple, common words; a six-word sentence structure that made meaningful sense; and a usercreated mnemonic picture to assist with recall.
The final result would be a passphrase such as “silly pet wolf ate our pizzas,” with an accompanying user-generated illustration. The second passphrase system replaced the six-word sentence structure with four words randomly drawn from a customised 1,450-word list.
Researchers assessed the usability of their systems against two existing passphrase systems: a user-generated passphrase containing at least 24 characters, and a system-generated passphrase using words randomly drawn from a list of 10,000. To gauge the success of their new systems, the authors asked 50 adult participants to create, in five minutes, a passphrase and any applicable mnemonic — without writing down what they created. Given that study participants were instructed not to write down or practice their passphrases, researchers found that in real-world settings, the success rates for their new systems would likely increase.
“Instead of asking users to juggle both usability and security, which is complicated, let’s provide secure passphrases and allow users to do what they do best: make things easier for themselves,” Juang said.
Although passphrases, or phrase-based passwords, have been found to be more secure than traditional passwords, factors like typographical errors and memorability have slowed down their wider adoption.
“Passphrases are more secure than passwords and avoid the various issues with biometric systems like fingerprint or facial recognition,” said Kevin Juang, a user experience research manager at SunTrust Bank in the US.
“It’s inevitable that we will eventually need to move past traditional passwords, but it’s nothing to fear,” said Juang.
The study, published in the journal Human Factors, developed and tested two new passphrase systems that seek to address these shortcomings and improve the usability and security of existing passphrase authentication systems. The first passphrase system incorporated, in part, a specialised wordlist using simple, common words; a six-word sentence structure that made meaningful sense; and a usercreated mnemonic picture to assist with recall.
The final result would be a passphrase such as “silly pet wolf ate our pizzas,” with an accompanying user-generated illustration. The second passphrase system replaced the six-word sentence structure with four words randomly drawn from a customised 1,450-word list.
Researchers assessed the usability of their systems against two existing passphrase systems: a user-generated passphrase containing at least 24 characters, and a system-generated passphrase using words randomly drawn from a list of 10,000. To gauge the success of their new systems, the authors asked 50 adult participants to create, in five minutes, a passphrase and any applicable mnemonic — without writing down what they created. Given that study participants were instructed not to write down or practice their passphrases, researchers found that in real-world settings, the success rates for their new systems would likely increase.
“Instead of asking users to juggle both usability and security, which is complicated, let’s provide secure passphrases and allow users to do what they do best: make things easier for themselves,” Juang said.
Subscribe and get the
top tech news of the day
Delivered to your mailbox
All Comments (0)+^ Back to Top
Refrain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks, name calling or inciting hatred against any community. Help us delete comments that do not follow these guidelines by marking them offensive. Let's work together to keep the conversation civil.
HIDE