Thomas Groß, Kovila P.L. Coopamootoo, and Amina Al-Jabri, Newcastle University
Abstract:
This paper reports on a lab experiment with 100 subjects which is the first to investigate the impact of cognitive effort and depletion on the choice of user passwords. Two groups of 50 subjects each were asked to generate a password. One group was cognitively depleted, the other was not. Password strength was measured and compared across groups. We find that subjects who are cognitively depleted create worse passwords than undepleted subjects. Surprisingly, subjects who report mild cognitive exertion create better password than undepleted subjects. We are interested in discussing how cognitive effort impacts authentication as well as how to negotiate the cognitive demands of password procedures to best support users.
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
Twitter
Facebook
LinkedIn
Google+
YouTube
connect with us