Comparison of Usability and Security of Password Creation Schemes

Anne Wildenhain, Jeremiah Blocki, Anupam Datta, Manuel Blum

August 11, 2012

 

Anyone who wishes to use the internet is confronted by the task of creating passwords.  The user is presented with a multitude of different password creation schemes and even a simple Google search provides torrents of—frequently conflicting—advice.  Users may not know which scheme to choose and are often unable to gauge the security and usability of the password creation methods suggested to them.

Many of these password creation schemes are also vague in their instructions.  Left without guidance, users tend to create passwords that are much weaker than the few examples proffered by the author of the scheme.  They find themselves with unfounded confidence in the security of their passwords and ecstatic about their usability, while unbeknownst to them adversaries are systematically breaking into all their accounts.

In this paper, we look at a sample of password schemes found in scholarly papers, National Institute of Standards and Technology publications, and through simple Google searches, all sources that users might investigate when creating their passwords.  We describe the schemes and present their pros and cons.  We then assign a “gut feeling” value to each scheme’s usability and security.  These values are displayed in a table and graphed in a scatter plot.  Examples of each password creation scheme are also shown in the table.

This work was supported by the National Science Foundation under grant CCF-0830540.

 


 

Scheme Descriptions

 

 

(Note:  The user does not write anything down unless it is explicitly specified in the scheme description.)

 

Scheme 1: Control: Just hit enter

User hits enter for all passwords.

 

Scheme 2: Base password plus derived

http://lifehacker.com/5631203/how-to-update-your-insecure-passwords-and-make-them-easy-to-use

User creates a base password and then attaches characters from the site name to a chosen location in the base password for each individual password.

 

Scheme 3: NIST Base password plus modification

http://csrc.nist.gov/publications/drafts/800-118/draft-sp800-118.pdf

User creates a base password and then attaches a different modification to create each password (different location and/or different characters). This modification does not have to have anything to do with the site name. User then records the location and identity of the modifications and notes which site corresponds to each modification and refers to this guide to log in. User does not write down the base password.

 

Scheme 4: Base PAO (Person Action Object)

(copied from email from Jeremiah) “Creating a Password: The user first selects three people who are familiar to him (e.g., boss, coworker, brother, father, friend, etc…) The user then randomly selects a random action and a random object (using a computer program for random selection). The user should store the names of the people he selected publicly in a convenient location (file on the computer, public web site, printed photo carried in wallet etc…). The user does not need to worry about hiding these names. He should also publicly note which account the names are being linked to.

Memorize Password: The user spends a few moments trying to imagine the stories playing out.

Rehearse Password: Rehearse the password after 1 day, then after 4 days, then after 8 days, 16 days ….(logging in to the site counts as a rehearsal.)

Recall Password: The user looks at the names, remembers the corresponding actions/objects and enters his password.

Recommendations: Use a small set of vivid actions and vivid objects (around 80 actions + 80 objects). The user should use separate names/PAO stories for each account.”

 

Scheme 5: Base Picture Scheme

(copied from email from Jeremiah) “Creating a Password: The user first selects a picture that is interesting to him. The user then randomly selects 16 words from a dictionary (using a computer program for random selection). The user may select 4 of these 16 words to form a password. The user should store the picture publicly in a convenient location (file on the computer, public web site, printed photo carried in wallet etc…). The user does not need to worry about hiding the picture. He should also publicly note which account the picture is being linked to.

Memorize Password: The user creates a story involving these four words inside the picture. The user can create any story he wants, but we would recommend stories that are unusual or surprising.

Rehearse Password: Rehearse the password after 1 day, then after 4 days, then after 8 days, 16 days ….(logging in to the site counts as a rehearsal.)

Recall Password: The user looks at the picture, remembers the corresponding words and enters his password.

Recommendations: Sort the words so that you don’t have to remember the order. Use a dictionary of 20,000 words so that everyone will be familiar with the words that are selected. The user should have a separate picture/story for each account. The same picture should not be reused for multiple stories.”
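The rehearsal schedule shared by Schemes 4 and 5 (rehearse after 1 day, then 4, 8, 16 days, with logins counting as rehearsals) can be made concrete. The Python below is an added illustration, not part of the original paper or of the scheme authors' materials. It assumes that the gaps keep doubling after 16 days and that each gap is measured from the most recent rehearsal, whether a deliberate one or a login; the descriptions above leave both points implicit.

```python
from datetime import date, timedelta

# Rehearsal gaps in days from the scheme descriptions: 1, 4, 8, 16 ...
# Assumption: the "..." continues by doubling the gap each time.
BASE_GAPS = [1, 4, 8, 16]


def rehearsal_gap(i):
    """Days to wait before rehearsal number i (0-based), counted from the previous one."""
    if i < len(BASE_GAPS):
        return BASE_GAPS[i]
    return BASE_GAPS[-1] * 2 ** (i - len(BASE_GAPS) + 1)


def rehearsals_due(logins, horizon):
    """Days (counted from the day the password was memorized) on which the
    user must deliberately rehearse.

    logins  : days on which the user logged in to the account; each login
              counts as a rehearsal, as the scheme states.
    horizon : last day considered.

    Assumption (not spelled out on the page): each gap is measured from the
    most recent rehearsal, deliberate or login, and a login that falls inside
    the current gap satisfies that rehearsal.
    """
    logins = sorted(set(logins))
    last, i, due = 0, 0, []
    while True:
        target = last + rehearsal_gap(i)
        if target > horizon:
            break
        covering = [d for d in logins if last < d <= target]
        if covering:
            last = covering[-1]      # a login inside the gap resets the clock
        else:
            due.append(target)       # no login: the user must rehearse
            last = target
        i += 1
    return due


def rehearsal_dates(memorized, login_dates, until):
    """The same schedule expressed with calendar dates."""
    logins = [(d - memorized).days for d in login_dates]
    horizon = (until - memorized).days
    return [memorized + timedelta(days=n) for n in rehearsals_due(logins, horizon)]


if __name__ == "__main__":
    # Constructed sample: memorized on 1 Sept 2012, one login on day 3,
    # schedule shown for the next 40 days.
    start = date(2012, 9, 1)
    for d in rehearsal_dates(start, [start + timedelta(days=3)], start + timedelta(days=40)):
        print(d)
```

With no logins the user rehearses on days 1, 5, 13 and 29; a single login on day 3 covers the second rehearsal and shifts the later ones to days 11 and 27, which is the sense in which logging in reduces the rehearsal burden.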

 

Scheme 6: Base password plus derived plus random

http://safeandsavvy.f-secure.com/2010/03/15/how-to-create-and-remember-strong-passwords/

Annika suggests that users first create a “pin” [base password] that is at least three characters long. Users should then create a system that converts the site name into a portion of their password (like with the base password system). To create a password, users combine the characters created from the site name with the pin and then add at least four random characters to the end of the password. She then suggests that the user writes down the portion of the password from the site name and the random characters but not the pin. The random characters are different for each password.

 

Scheme 7: Combining words algorithm

http://www.sans.org/reading_room/whitepapers/authentication/combating-lazy-user-examination-password-policies-guidelines_142

(copied from Sam Wilson’s paper, page 10)

“Algorithms can be developed to help users remember mixed character passwords. The following is an example of an algorithm that could be used:

1. Think of two words easily remembered – airplane wing (for example)

2. Add up the number of characters – 12

3. Take out the vowels and put the number in between – rpln12wng

4. Capitalize the first and last word – Rpln12Wng

5. Change one of the letters to a special character – Rp!n12Wng

6. You now have a secure password that is somewhat easy to remember.”
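Steps 2 to 4 above are fully deterministic and only step 5 involves a user choice, which is why the pros-and-cons discussion later notes that an adversary who discovers the system can build a dictionary. The Python below is an added example, not code from the SANS paper: it applies steps 1 to 5 to any ordered word pair and counts the distinct passwords the scheme yields from a small constructed vocabulary. The `special_index` and `special_char` parameters stand in for the user's step-5 choice, which the scheme leaves open.

```python
from itertools import permutations

VOWELS = set("aeiouAEIOU")


def strip_vowels(word):
    return "".join(c for c in word if c not in VOWELS)


def combine_words(word1, word2, special_index=None, special_char="!"):
    """Steps 1-5 of the SANS example algorithm for an ordered pair of words.

    special_index / special_char model the user's step-5 choice; with
    special_index=None step 5 is skipped and the step-4 result is returned.
    """
    # Step 2: add up the number of characters in the two words
    count = len(word1) + len(word2)
    # Step 3: take out the vowels and put the number in between
    left, right = strip_vowels(word1), strip_vowels(word2)
    # Step 4: capitalize the first letter of each (now vowel-free) word
    left = left[:1].upper() + left[1:]
    right = right[:1].upper() + right[1:]
    password = f"{left}{count}{right}"
    # Step 5: change one of the letters to a special character
    if special_index is not None:
        if not 0 <= special_index < len(password):
            raise ValueError("special_index lies outside the password")
        password = password[:special_index] + special_char + password[special_index + 1:]
    return password


def output_space(vocabulary):
    """All passwords steps 1-4 can produce from ordered pairs of distinct
    vocabulary words. The steps are deterministic, so this set (at most
    n*(n-1) entries for n words) is the space an adversary who knows the
    scheme has to search, before step 5 adds its small extra factor."""
    return {combine_words(a, b) for a, b in permutations(vocabulary, 2)}


if __name__ == "__main__":
    print(combine_words("airplane", "wing"))                   # Rpln12Wng
    print(combine_words("airplane", "wing", special_index=2))  # Rp!n12Wng
    # Constructed four-word vocabulary: 4 * 3 = 12 ordered pairs
    print(len(output_space(["airplane", "wing", "fish", "string"])))
```

Running the worked example from the text reproduces Rpln12Wng and, with the third letter swapped for "!", Rp!n12Wng. The point of `output_space` is the con listed later: the password carries no more unpredictability than the word pair itself, so the scheme's strength is bounded by the square of the vocabulary the user draws from.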

 

Scheme 8: NIST Combining words algorithm

http://csrc.nist.gov/publications/drafts/800-118/draft-sp800-118.pdf

(copied from NIST publication) “A user can combine two or three unrelated words and change some of the letters to numbers or special characters.” This is the extent of the instructions for this scheme.

 

Scheme 9: Mnemonic Scheme

http://www.rowan.edu/toolbox/network/username_password/password/index.html

(copied from the Rowan University website) “1. Make up a sentence you can easily remember.” “2. Now take the first letter of every word in the sentence, and include the punctuation. You can throw in extra punctuation, or turn numbers into digits for variety.” One phrase per password.

 

Scheme 10: NIST Mnemonic Scheme

http://csrc.nist.gov/publications/drafts/800-118/draft-sp800-118.pdf

(copied from the NIST publication) “A user selects a phrase and extracts a letter of each word in the phrase (e.g., the first letter or second letter of each word), adding numbers or special characters or both.” Although the directions specify that only one letter is taken per word, two of the NIST examples include words from which more than one letter was taken. Because of this, I concluded that this was permissible for the scheme. Punctuation and capitalization are preserved in the phrases. One phrase per password.

 

Scheme 11: NIST Altered Passphrase

http://csrc.nist.gov/publications/drafts/800-118/draft-sp800-118.pdf

(copied from NIST publication) “A user selects a phrase and alters it to form a derivation of that phrase.” These alterations include phonetic spelling, capitalization changes, and changing letters/words to numbers/special characters. A new phrase is used for each password.

 

Scheme 12: Inkblots

http://hotsoft.carleton.ca/~sonia/wordpress/publications/

Users are presented with a series of ten computer-generated blots and are prompted to think of a word or phrase that describes each one. They are then asked to type only the first and last letter of the word/phrase. For authentication, users are presented with the inkblots in a different order than they saw them for password creation (this order remains the same for all authentications) and are prompted to type their ten two-letter pairs as their password. This process is repeated for each account.

 

Scheme 13: City, State pair

http://www.soundpuzzle.com/passwords.html

User takes a city, state or city, country pair, removes the vowels, and inserts a punctuation mark between the two words. They then substitute some of the letters with ones that can sound the same phonetically and capitalize these, and some of the letters with numbers that look the same or follow some other logic for their substitution. Each password is based on a new pair.

 

Scheme 14: Control: Random characters

User uses a unique 10 character random string for each password. Characters are taken from the 95 keyboard characters.
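The security of this control scheme is described later as provable because each password is a uniform draw from 95^10 possibilities. The Python below is an added example, not code from the paper. It generates such a password with the operating system's CSPRNG and computes the key-space size in bits for the randomized components of Schemes 4 (three stories, each a random action and object from the recommended 80 + 80) and 5 (four distinct words from the recommended 20,000-word dictionary, order discarded). Treating the picture scheme's four words as uniformly random is an assumption; the user's choice among sixteen random candidates can only lower the true figure.

```python
import math
import secrets
import string

# The 95 printable keyboard characters named in the Scheme 14 description:
# 52 letters, 10 digits, 32 punctuation marks and the space.
KEYBOARD = string.ascii_letters + string.digits + string.punctuation + " "
assert len(KEYBOARD) == 95


def random_password(length=10, alphabet=KEYBOARD):
    """Scheme 14: every character is an independent uniform draw from the
    alphabet. secrets.choice uses the OS CSPRNG; the random module is not
    suitable for generating secrets."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def bits(choices):
    """Entropy in bits of one uniform choice among `choices` possibilities."""
    return math.log2(choices)


def random_control_bits(length=10, alphabet_size=95):
    """Scheme 14 key space: alphabet_size ** length possibilities."""
    return length * bits(alphabet_size)


def pao_bits(actions=80, objects=80, stories=3):
    """Scheme 4 with the recommended vocabulary: the three people are public
    cues, so the secret is three independent draws from an actions*objects
    space."""
    return stories * bits(actions * objects)


def picture_bits(dictionary=20000, words=4):
    """Scheme 5: four distinct words from a 20,000-word dictionary, sorted so
    order carries no information, i.e. an unordered 4-subset.
    Assumption: the four words are treated as uniformly random."""
    return bits(math.comb(dictionary, words))


def compare():
    """Key-space sizes in bits for the schemes with a randomized component."""
    return {
        "Scheme 14 random 10 chars": round(random_control_bits(), 1),
        "Scheme 4 PAO (3 stories, 80x80)": round(pao_bits(), 1),
        "Scheme 5 picture (4 of 20,000)": round(picture_bits(), 1),
    }


if __name__ == "__main__":
    print(random_password())
    for name, b in compare().items():
        print(f"{name}: {b} bits")
```

The comparison comes out at roughly 65.7 bits for the random control, 52.6 bits for the picture scheme and 37.9 bits for PAO. These figures bound an adversary who knows the scheme and the public cues but not the secret choices; they say nothing about how well a user retains the secret, which is the usability axis the paper scores separately.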

 

Scheme 15: Mnemonic scheme plus street address

http://urbansemiotic.com/2005/12/11/hardening-passwords/

First, David Boles has the user choose a phrase and take the first letter of each word in the phrase (preserving capitalization but not preserving punctuation). He then attaches the number of a street address, followed by the first letter of each word in the street name preserving capitalization. He also incorporates frequent password changes into his system, suggesting a change once every six weeks (by which time the user will have run out of street addresses that they remember).


 

 

Pros and Cons

 

 

For each scheme, pros are listed first, followed by cons.

Scheme 1: Control: Just hit enter

Pros:
Very easy to use, no memorization
All passwords the same, so no confusing one with another

Cons:
All passwords the same, so the adversary gains access to everything once it obtains one
Horrible security even if the adversary does not have any other passwords
Knowing the scheme immediately gives the adversary all passwords
Some sites do not allow this as a password, so the user would need a fall-back plan

Scheme 2: Base password plus derived

Pros:
User only has to remember the base password and the algorithm
Once the system is in place, making/remembering more passwords is no extra effort
Site name used as cue

Cons:
User creates the algorithm (not provided by a computer); this takes effort and the algorithm will most likely not be complicated
If the adversary obtains one password, it is likely able to determine the base and the algorithm and crack all the others; with two passwords it can definitely recover the base
Even if the adversary is unable to determine the algorithm but has the base, it would be able to brute-force that portion of the password

Scheme 3: NIST Base password plus modification

Pros:
User only has to remember the base password
Modification not determined by the site name, so, in theory, the adversary would be unable to derive it
Modifications placed in different locations in the password, less predictable

Cons:
User has to carry paper with them, causing hassle and security issues
User has to invent each password’s modification and each modification’s location in the password
If the adversary obtains one password, it is likely able to determine the base and crack all the others; with two passwords it can definitely recover the base

Scheme 4: Base PAO (Person Action Object)

Pros:
All memorization is cued
Adversary not aided by the cue
Learning any number of passwords is not an advantage to the adversary
Knowing the scheme is not an advantage for the adversary
Takes advantage of chunking
Easy to type: words without capital letters, special characters or numbers
Rehearsal schedule makes forgetting less likely

Cons:
Rehearsals required
Some sites may not accept a password 20 characters long; a fall-back plan is needed
Long password takes time to type, with more possibility for mistakes
User required to select people to use as cues
Possible for multiple passwords to include the same action or object, which could cause interference

Scheme 5: Base Picture Scheme

Pros:
All memorization is cued
Adversary not aided by the cue
Learning any number of passwords is not an advantage to the adversary
Knowing the scheme is not an advantage for the adversary
Takes advantage of chunking
Easy to type: words without capital letters, special characters or numbers
Rehearsal schedule makes forgetting less likely

Cons:
Rehearsals required
Some sites may not accept a password 20 characters long; a fall-back plan is needed
Long password takes time to type, with more possibility for mistakes
Requires the user to create a story to memorize the words, which may be difficult for some users
Requires the user to choose a picture for the cue

Scheme 6: Base password plus derived plus random

Pros:
User only has to remember the base password
Once the system is in place, making/remembering more passwords is no extra effort
Site name used as cue

Cons:
User creates the algorithm (not provided by a computer); this takes effort and the algorithm will most likely not be complicated
User required to carry paper with them, causing hassle and security issues
System asks that users write down the derived components, which compromises those components’ security and is unnecessary
Components not long enough to resist a brute-force attack if one of the components is compromised

Scheme 7: Combining words algorithm

Pros:
Number, special character and capital letters required by the scheme
Identity and location of the number and the capital letters dictated by the algorithm
Takes advantage of chunking

Cons:
Location and identity of the special character must be memorized
User (not a computer making a random selection) has to choose words that are adequate
No cue, no linking of the specific password with its specific site
Adversary able to create a dictionary if it discovers the system

Scheme 8: NIST Combining words algorithm

Pros:
Takes advantage of chunking

Cons:
User required to create the algorithm used to connect the words
Requires the user to choose “unrelated” words
Word choice is neither random (which would benefit security) nor related (which would benefit memory)
Location and identity of capital letters, special characters and numbers must be memorized
No cue, no linking of the specific password with its specific site
Adversary able to create a dictionary if it discovers the system

Scheme 9: Mnemonic Scheme

Pros:
No obvious words in the password, so it would not be broken by a dictionary attack using English words
Phrase memorized as one chunk

Cons:
User has to think of a new phrase for each new password
Phrase likely one from popular culture, so the adversary is able to create a dictionary to crack it
No cue, no linking of the specific password with its specific site
“Extra punctuation” requires the user to choose whether to add it and where to place it
“Extra punctuation” difficult to remember

Scheme 10: NIST Mnemonic Scheme

Pros:
No obvious words in the password, so it would not be broken by a dictionary attack using English words
Phrase memorized as one chunk

Cons:
User has to think of a new phrase for each new password
Phrase likely one from popular culture, so the adversary is able to create a dictionary to crack it
No cue, no linking of the specific password with its specific site
“Extra punctuation” requires the user to choose whether to add it and where to place it
“Extra punctuation” difficult to remember

Scheme 11: NIST Altered Passphrase

Pros:
Utilizes chunking

Cons:
User required to invent a new phrase per password
No guidelines for the alteration of the phrase
User must remember how they altered their phrase, and will either forget or use common, predictable alterations
No cue, no linking of the specific password with its specific site

Scheme 12: Inkblots

Pros:
All memorization is cued
Adversary not helped by the cue

Cons:
Ten cues per password; the user may be unable to distinguish the cues
Some sites may not accept a password 20 characters long; a fall-back plan is needed
No rehearsals, so the user is likely to forget passwords not often accessed

Scheme 13: City, State pair

Pros:
Includes all four character sets
Location random, user not required to invent it
Knowing other passwords would not aid the adversary much

Cons:
Possible for the user to have difficulty obtaining a random location
Very possible that the user does not know of the city in the first place
No cue, no linking of the specific password with its specific site
Adversary able to create a dictionary if it discovers the system

Scheme 14: Control: Random characters

Pros:
Learning any number of passwords is not an advantage to the adversary
Knowing the scheme is not an advantage for the adversary
Provable security
User not required to create anything themselves, just memorize

Cons:
Very difficult to memorize
No cue, no linking of the specific password with its specific site
No rehearsals, so the user is likely to forget passwords not often accessed

Scheme 15: Mnemonic scheme plus street address

Pros:
Includes numbers and capital letters
Takes advantage of chunking
Not necessary for the phrase to be specifically “good” (as in, including other character sets)

Cons:
New phrase and new street address needed for each new password
User must think of phrases
User will run out of or reuse street addresses
Requires a password change every 6 weeks
No cue, no linking of the specific password with its specific site
Passwords follow a pattern: numbers in the same location, last letter most likely A(venue), S(treet), L(ane), R(oad) or D(rive)

 


 

Usability and Security from Gut Feeling

Scale: 10 is best, 0 is worst

The Examples column gives the examples provided by each scheme’s source together with other examples; “(none from source)” marks a scheme whose source provides no examples.

| # | Scheme | Examples | Usability | Security |
|---|--------|----------|-----------|----------|
| 1 | Control: Just Hit Enter | none | 10 | 0 |
| 2 | Base Password plus Derived | 12amazon34, 12yahoo34 (same user); **amelolynneon** (three users), ASDFYHAO, GMLT10AMA | 9 | 2 |
| 3 | NIST Base Password plus Modification | passwordA1!, B2@password, A1!passwordB2@ (same user); 42*G00dTimes, G00dTimes*42, 42*G00d#23Times (same user) | 8 | 3 |
| 4 | Base PAO (Person Action Object) | canning rib signing patty fuming tiger; searing rat chipping nail sipping waffle (none from source) | 7.5 | 9 |
| 5 | Base Picture Scheme | administrator beastly hurry longbow; bill extraterrestrial livid prescription (none from source) | 7.5 | 9 |
| 6 | Base Password plus Derived plus Random | baseama=g%V (amazon), baseyahFgbi (yahoo), basegma4A<c (gmail) (same user); aMa229925! (amazon), 25!gMaxy76 (gmail) (same user) | 7 | 4 |
| 7 | Combining Words Algorithm | Tw8Wrd$; Ps$8wrd; Rp!n12Wng | 6 | 5 |
| 8 | NIST Combining Words Algorithm | fi$H$tring; EggD0g; B@nkC@mera; m4!lf0N3 | 5.5 | 6 |
| 9 | Mnemonic Scheme (phrase) | Titptmga (This is the password to my gmail account.); Icrtpbiiap (I can remember this password because it is a phrase.); Ttlshiwwya (Twinkle, twinkle…); Ih2k:JaJ. (I have 2 kids: Jack and Jill.); IlteB&J'ic (I like to eat Ben & Jerry’s ice cream.); N,tcoNJ'G! | 4 | 7 |
| 10 | NIST Mnemonic Scheme | Timp (This is my password.); HaYOUt (How are YOU today?); Pbmbval (Please be my best valentine.); TitwcIhedimLIFE!; Iady#1f. (I am definitely your #1 fan) | 4 | 7 |
| 11 | NIST Altered Passphrase | th1s.!s.my.Pa$$phr@$3; 1ce,up0n,@,t1me; 2.be.0r.nOt@to0.bEE; Dressed*2*the*9z | 4 | 7 |
| 12 | Inkblots | byywperdslftbsgnbe (ButterflY, YelloW, PurplE, ReD, SmalL....) (none from source) | 4 | 8 |
| 13 | City, State pair | plK,p1nd (Plock, Poland); llt*b1v (El Alto, Bolivia); b1r.C2Zs (Beeler, Kansas) | 2 | 2.5 |
| 14 | Control: Random characters | kj"zH<~aJ5; L@uWf+8VQy (none from source) | 1 | 10 |
| 15 | Mnemonic Scheme plus Street Address | Tqbfjotld220MB (The quick brown fox jumps over the lazy dog. + 220 Main Building); Timp5000FA; Yhdemr6321CA (Yes, her dog eats marble rye. + 6321 Carleton Avenue) | 0 | 7 |