password creation & recall
Passwords are consistently the most common method used to authenticate people to devices, websites, and services. The first project I worked on as a graduate student was with Violeta Moreno Garcia, another graduate student at the time, as we investigated: 1) Does giving people various rules for password creation and visual stimuli change how people create passwords?; 2) Are there differences between passwords created by participants with different native languages?; 3) Do these differences in the password creation process affect whether a participant can recall their password to authenticate later? Even with our small sample population, we found some interesting differences existed in password creation behaviors of participants with different native languages.
Building from that first study, I worked with Dr. Jean Camp and Siyu Chen, another graduate student at the time, to investigate further on whether giving visual stimuli in the password creation process and later during the authentication process would affect participants’ ability to recall their password successfully. By having an image that a participant selected during password creation appear in the authentication process, we hoped it would trigger an association through episodic memory to increase the success rate of password recall, and our findings showed that to be an effective strategy.
Partnering with researchers at CSIRO’s Data61 lab in Australia, we analyzed two large datasets of emails and passwords to identify if language and socio-cultural factors influence how people formulate passwords that they use online. From analyzing four sets of accounts associated by country and language we found distinct patterns, such as common words being used as passwords regardless of language or social identity connections.
Password Differences Based on Language and Testing of Memory Recall
Jacob Abbott & Violeta Moreno Garcia. In International Journals of N&N Global Technology on Information Security, 2, pp. 1-6. February 2015. <pdf>
CPasswords: Leveraging Episodic Memory and Human-Centered Design for Better Authentication
L. Jean Camp, Jacob Abbott, & Siyu Chen. In 49th Hawaii International Conference on System Sciences (HICSS), pp. 3656-3665. IEEE, January 2016. <https://ieeexplore.ieee.org/abstract/document/7427641>
The Importance of Social Identity on Password Formulation
Marthie Grobler, M.A.P. Chamikara, Jacob Abbott, Surya Nepal, & Cecil Paris. Personal and Ubiquitous Computing, Springer, November 2020. <https://doi.org/10.1007/s00779-020-01477-1>
All photography provided by Jacob E. Abbott