One of the most popular passwords in 2016 was "qwertyuiop," even though most password meters will tell you how weak that is. The problem is no existing meters offer any good advice to make it better—until now. Researchers from Carnegie Mellon University and the University of Chicago have just unveiled a new, state-of-the-art password meter that offers real-time feedback and advice to help people create better passwords. To evaluate its performance, the team conducted an online study in which they asked 4,509 people to use it to create a password. "Instead of just having a meter say, 'Your password is bad,' we thought it would be useful for the meter to say, 'Here's why it's bad and here's how you could do better,'" says CyLab Security and Privacy Institute faculty Nicolas Christin, a professor in the department of Engineering and Public Policy and the Institute for Software Research at Carnegie Mellon, and a co-author of the study. The study will be presented at this week's CHI 2017 conference in Denver, Colorado, where it will also receive a "Best Paper Award." This data-driven feedback is presented in real-time, as a user is typing their password out letter-by-letter. The team has open-sourced their meter on GitHub. Read more at https://phys.org/news/2017-05-unveil-password-meter-users-passwords.html
The Extreme Science and Engineering Discovery Environment (XSEDE) is supported by the National Science Foundation.
For general questions, contact firstname.lastname@example.org | For user assistance, please submit a consulting ticket | ©2011 XSEDE. All Rights Reserved.