Date Added: Jul 2010
Many Internet applications, for example e-commerce or email services require that users create a username and password which serves as an authentication mechanism. Though text passwords have been around for a while, not much has been done in helping naive Internet users in creating strong passwords. Generally users prefer easy-to-remember passwords, but service provides prefer that users use a strong, difficult-to-guess password policy to protect their own resources. In this work the authors have explored how appropriate feedback on password strength can be useful in choosing a strong password. They first discuss the results of a security vs. usability study that they did, which shows the current trends in choosing passwords, and how a password cracking tools can easily guess a majority of weak passwords.