Do extroverts create stronger passwords?
Date
2018-04-01
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
We investigate the relationship between personality types and the strength of created and
selected passwords. For this purpose, we conducted an experiment on Amazon’s Mechanical
Turk, with 510 participants. Participants were given a pre-questionnaire that included,
among others, three binary questions: “Password Awareness”, “Security Training” and
“Account Hijacking”, which were used to predict participants’ exposure to passwords in
the past. Our results suggest that participants with higher levels of Extroversion, tend to
create stronger passwords, if they were not required to change an online account password
in the past (e.g., due to a security incident). In contrast, participants with lower levels of
Extroversion tend to create stronger passwords (though not significantly), if they had been
required to change an online account password in the past. These results indicate that there
is a distinct relationship between the Extroversion personality dimension and the way we
create passwords, whether it be in a familiar situation or not. Though password strength, as
investigated, is the criterion of the aforementioned tests, it is worth mentioning that Extroversion
cannot be deemed a predictor in this domain. We also investigated the relationship
between personality and several password characteristics such as the total length, letters,
digits, and symbols used within a password. To this end, we note that for participants who
have had to change an online account password for the first time, Extroversion was directly
correlated with creating and selecting shorter passwords, Openness was directly correlated
with creating passwords containing fewer letters, but more numbers and symbols, and Conscientiousness was directly correlated with creating passwords containing fewer symbols.
These results conclude that there is a distinct correlation between the construction of passwords
and personality when participants are required to change an online account password
for the first time. This thesis presents the detailed observations and findings from our experiment,
discuss potential considerations for contradictions, and identify related future
research.
Description
Keywords
Passwords, Personality, Personalities, Password, Authentication