Users Provide Stronger Passwords If They Can Visualize Password Strength

A survey found that website users creating passwords were more likely to opt for a stronger password if they knew how weak their choices were.

• By Sydny Shepard
• Mar 05, 2018

Researchers have uncovered a simple way to get more computer users to opt for stronger passwords: tell them how bad their password is.

The idea comes from research conducted by a team led by the University of Plymouth’s Center for Security, Communications and Network Research, which tested the effectiveness of password advice strategies through two experiments.

In the first experiment, 300 users creating a website account were offered either no password advice or were aided by a password meter, emotive feedback message or emoji that judge their password strengths as weak, adequate or strong.

Those who were created their passwords with help improved their passwords tremendously. Password choices rated as “weak” dropped from 75 percent for the group that had no guidance to less than a third for those given emotive feedback.

The second experiment told 500 users in the US how quickly their account might be hacked according to the strength of their password, causing them to choose passwords that were longer and up to ten times more complex than their original.

This pointed to an interesting outcome. While it is true that people are more likely to strengthen their passwords based on feedback, it is the way that you tell them that continues to alter human behavior.

The study found that people were more likely to enhance their password strength when they were told how fast a criminal could hack their account than if they were just shown a password meter or an emoji.