Monday, March 30, 2009

Using Psychology with Passwords



A study of 28,000 passwords by Robert Graham of Errata Security revealed a distinct lack of creativity by U.S. computer users. The statistical analysis found:


  • 16% used their own first name or that of one of their children
  • 14% used simple keyboard combinations such as "123456789" or "QWERTY"
  • 5% of the passwords were of television shows, famous names, etc. such as "Hannah," "Matrix," or "Ironman"
  • 4% used the word "password" or a close variation "password1"
  • 3% used phases such as "Idontcare," "Whatever," "Yes," or "No."

Security experts suggest a password of a minimum of eight characters with at least one capital letter and one symbol. Many suggest having a "mnemonic password". For example:

  • L@Gs4sa7ya - Lincoln at Gettysburg said four score and seven years ago
  • Ih8h2rsmp - I hate having to remember so many passwords
  • Mpcmagr8APPl - Mnemonic passwords could make a great AP Psychology lesson

For a detailed report on mnenomic passwords go to http://www.uninformed.org/?v=all&a=33&t=sumry

No comments: