Everything but the User: Reducing Password Reuse
Authors: Miranda Wei

Date: November 19 2018
Publication: PasswordsCon 2018 Stockholm
Source 1: https://mirandawei.com/assets/passwords18-slides.pdf

Abstract or Summary:
Every day, attackers exploit password reuse to breach accounts, costing users and service providers dearly. Conventional wisdom blames users for choosing and reusing easily cracked passwords. However, a complete analysis of the password reuse ecosystem reveals a convoluted situation. While it's true that users poorly understand the risks of reusing passwords, nonsensical password composition policies and confusing notifications further sustain the problem.

This talk argues that reducing password reuse requires solutions going far beyond telling users to not reuse passwords. Reflecting on insights from user studies and qualitative research, I present best practices for designing password-reuse notifications and pose criteria for any potential solutions hoping to ameliorate password reuse.

PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=9X0Ev2RJeTM

Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2019 PasswordResearch.com