Lorrie Faith Cranor: What’s wrong with your pa$$w0rd?

To increase user satisfaction

To reduce the number of password resets

To comply with a consortium's requirements

To simplify password creation

50%

13%

100%

80%

Most people used a wide variety of symbols

Symbols were not allowed in passwords

Symbols significantly increased password strength

Only a few symbols were commonly used

To test password cracking tools

To collect real passwords from users

To gather data on password creation under different policies

To analyze the effectiveness of password meters

Long passwords

Short passwords

Symbolic passwords

Numeric passwords

Pass phrases were not tested

Pass phrases were significantly better

Pass phrases were equally memorable

Pass phrases were less memorable and took longer to type

They were difficult to remember

They were not tested in the study

They were less secure than random passwords

They worked surprisingly well

Business school passwords were stronger

Computer science passwords were weaker

Computer science passwords were stronger

All passwords were equally strong

Passwords are mostly numeric

Passwords often reflect personal interests

Passwords are always complex

Passwords are rarely reused

Lion

Cat

Dog

Monkey