@inproceedings{30d0a2b55f1c41d390dba6332b7b2807,
title = "The effectiveness and usability of passphrases for authentication",
abstract = "In developing password policies, IT managers must strike a balance between security and memorability. Rules that improve structural integrity against attacks (e.g., increasing length and multiple character types) may also result in passwords that are difficult to remember. Recent technologies have relaxed the 8-character password constraint - permitting the creation of longer pass-{"}phrases{"} consisting of multiple words. Psychology theories suggest users can remember passphrases at least as well as passwords. This paper reports an experiment currently in progress that tests the usability of passphrases. Subjects are randomly assigned to three different password creation techniques: a control group with no constraints, a secure group given strong password requirements, and a passphrase group. It is expected that the passphrases group will have fewer failed login attempts than the secure group and no more failed login attempts than the control group. Practical implications include stronger authentication with reduced help desk costs.",
keywords = "Authentication, Memory, Passwords, Security",
author = "Mark Keith and Benjamin Shao and Paul Steinbart",
year = "2005",
language = "English (US)",
isbn = "9781604235531",
series = "Association for Information Systems - 11th Americas Conference on Information Systems, AMCIS 2005: A Conference on a Human Scale",
pages = "3354--3357",
booktitle = "Association for Information Systems - 11th Americas Conference on Information Systems, AMCIS 2005",
note = "11th Americas Conference on Information Systems, AMCIS 2005 ; Conference date: 11-08-2005 Through 15-08-2005",
}