Effects of Password Permutation on Subjective Usability Across Platforms

Published: August 04, 2015


Kristen Greene


The current work examines subjective password usability across platforms—desktop, smartphone, and tablet—using system- generated passwords that adhere to the stricter password requirements found in higher-security enterprise environments. This research builds upon a series of studies at the United States National Institute of Standards and Technology (NIST) by testing a previously proposed idea of password permutation: grouping like character classes together in order to improve password usability. Password permutation improves mobile device entry by reducing the number of onscreen keyboard changes required to enter numbers and symbols. Across devices, participants rated the longer (length 14) permuted passwords as easier to type than the shorter (length 10) non-permuted passwords. This demonstrates that the composition and structure of a password are important; people are sensitive to factors beyond simply password length. By combining qualitative and quantitative research, we will ultimately arrive at a more complete understanding of how password construction impacts usability.
Proceedings Title: Proceedings of the 17th International Conference on Human-Computer Interaction (HCII2015)
Conference Dates: August 2-7, 2015
Conference Location: Los Angeles, CA
Conference Title: 17th International Conference on Human-Computer Interaction (HCII 2015)
Pub Type: Conferences


Passwords, authentication, security, mobile text entry, typing, touchscreens, smartphones, tablets, password permutation, chunking
Created August 04, 2015, Updated February 19, 2017