canmove, Confirmed users
1,537
edits
User:Sidstamm/Notes July 2014 SOUPS: Difference between revisions
→Elizabeth Stobert: The password life cycle, user behavior in managing passwords
| Line 315: | Line 315: | ||
== Elizabeth Stobert: The password life cycle, user behavior in managing passwords == | == Elizabeth Stobert: The password life cycle, user behavior in managing passwords == | ||
People have coping strategies for so many passwords: | |||
* Password managers | |||
* Password reuse | |||
These authors interviewed 27 people. They did qualitative analysis using grounded theory. They found 66 patterns in peoples' responses such as "records passwords as backup strategy". They used GT to identify connections between patterns. | |||
* Some people used frequency-based passwords (PW_A for frequently used sites, PW_B for others) | |||
* Many people had a main password | |||
* People write their passwords down | |||
* People use passwords for a very long time. | |||
Rationing: common theme is that people spend more effort creating good passwords for important accounts and reduce their willingness to spend effort on other sites. | |||
Users do not differentiate easily between different scenarios that call for different passwords. (Surprise, they suck at threat modeling.) | |||
= Social nets and access control = | = Social nets and access control = | ||