Remembering Passwords

Next to hardware unreliability, passwords are probably the biggest headache to everyone involved with computers. End users have trouble coming up with secure ones and remembering them. System administrators are constantly having to reset them and trying to come up with policies that walk the tightrope between security and ease of use. Programmers have to code login pages and handle automated password changes. Database administrators have to accommodate all sorts of crazy characters and password lengths. A number of programs and services have popped up to provide secure password generation and even password storage, making passwords even easier to forget.

Naked Security has put out an article that discusses a recent study by researchers from Microsoft Research and Princeton University in which a technique called “spaced repetition” permitted the vast majority of subjects to remember a 56-bit, random, secure password. Now, 21% of participants did admit to writing the password down, but there does appear to be some value in this method.