Assessing the memorability of familiar vocabulary for system assigned passphrases
Date
2021-08-01
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Text-based secrets are still the most commonly used authentication mechanism in information systems. Initially introduced as more secure authentication keys that people could recall, passphrases are tokens consisting of multiple words. However, when left to the choice of users, they tend to choose predictable natural language patterns in passphrases, resulting in vulnerability to guessing attacks. System-assigned authentication keys can be guaranteed to be secure, but this comes at a cost to memorability. In this study we investigate the memorability of system-assigned passphrases from a familiar vocabulary to the user. The passphrases are generated with the Generative Pre-trained Transformer 2 (GPT-2) model trained on the familiar vocabulary and are readable, pronounceable, sentence like passphrases resembling natural English sentences. Contrary to expectations, following a spaced repetition schedule, passphrases as natural English sentences, based on familiar vocabulary performed similarly to system-assigned passphrases based on random common words.
Description
Keywords
Authentication, System-assigned passphrase, Memorability, GPT-2