Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Overview
  • Proceedings

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » The Password Life Cycle: User Behaviour in Managing Passwords
Tweet

connect with us

The Password Life Cycle: User Behaviour in Managing Passwords

Authors: 

Elizabeth Stobert and Robert Biddle, Carleton University

Abstract: 

Users need to keep track of many accounts and passwords. We conducted a series of interviews to investigate how users cope with these demanding tasks, and used Grounded Theory to analyze the interview results. We found that most users cope by reusing passwords and writing them down, but with a rich variety of behaviour and diverse personalized strategies. These approaches seem to disregard security advice, but at a detailed level they involve perceptive behaviour and careful self-management of user resources. We identify a password life cycle that follows users’ password behaviour and how it develops over time as users adapt to changing circumstances and demands. Users’ strategies have their limitations, but we suggest they indicate a rational response to the requirements of password authentication. We suggest that instead of simply advising against such behaviour, new approaches could be designed that harness existing user behaviour while limiting negative consequences.

Elizabeth Stobert, Carleton University

Robert Biddle, Carleton University

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {185315,
author = {Elizabeth Stobert and Robert Biddle},
title = {The Password Life Cycle: User Behaviour in Managing Passwords},
booktitle = {10th Symposium On Usable Privacy and Security (SOUPS 2014)},
year = {2014},
isbn = {978-1-931971-13-3},
address = {Menlo Park, CA},
pages = {243--255},
url = {https://www.usenix.org/conference/soups2014/proceedings/presentation/stobert},
publisher = {USENIX Association},
month = jul,
}
Download
Stobert PDF
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us