The password thicket:
technical and market failures in human authentication on the web

Joseph Bonneau
Computer Laboratory
University of Cambridge
jcb82@cl.cam.ac.uk

Sören Preibusch
Computer Laboratory
University of Cambridge
sdp36@cl.cam.ac.uk

The Ninth Workshop on the Economics of Information Security (WEIS 2010)

Please email the authors for comments, inquiries, or suggestions for additions.

Downloads:

Selected press coverage:

Notes on dataset

2010-08-01: To reconstruct the password score in the Excel sheet, you may use the following formula:
=MIN(BZ10-SUM(BS10:BU10)-BO10+BI10+BH10+BG10-BE10+IF(AV10>1,1,0)+AX10+MAX(AY10:AZ10)+AN10+IF(AL10="Enrolment, Log-in, Change",0,1)+AG10+AH10+MAX(AA10:AB10)+3,10)

back to publications