It’s well-known that text-based passwords are hard to remember and people prefer simple, unsecured passwords.
A lot depends on a password’s importance and how often you use it, according to a Rutgers University-New Brunswick-led study that could spur improved password technology and use.
Study co-author, Janne Lindqvist said, “Websites focus on telling users if their passwords are weak or strong, but they do nothing to help people remember passwords,” and added, “Our model could be used to predict the memorability of passwords, measure whether people remember them and prompt password system designers to provide incentives for people to log in regularly. Logging in more often helps people remember the password.”
The study found evidence that human memory naturally adapts based on an estimate of how often a password will be needed. Important, frequently used passwords are less likely to be forgotten, and system designers need to consider the environment in which passwords are used and how memory works over time.
“Many people struggle with passwords because you need a lot of them nowadays. People get frustrated. Our major findings include that password forgetting aligns well with one of the psychological theories of memory and predicting forgetting of passwords,” said Lindqvist.
The full findings were discussed in the 27th USENIX Security Symposium, funded by the National Science Foundation.