Tuesday, June 17, 2008

Remembering Passwords

Q)How does one remember something?
A) When the mental artifact shifts from the STM (Short Term Memory) to LTM (Long Term Memory).

How does this process happen? One of the ways is through mugging. Now all of us are not smart enough to mug all the time. So when we encounter the artifact again and again in our tasks it gets imprinted in our minds eventually.

For Instance, they teach you in school that the capital of France is Paris in grade 1. You may or may not remember it. Maybe you remember it for the tests but then you forget it. So in grade 2 you encounter the same piece of information again. And again in the third grade. So finally it registers in the mind that the capital of France is Paris.

Forgetting Password
Similarly with Passwords. For the Accounts that you check more regularly the passwords are easier to remember because you encounter that piece of information everyday and hence you 'Remember' it. For accounts that you do not access frequently, the passwords are not remembered. Specially the accounts that you check once in 2 months or more. More so because you have many accounts online each with different usernames and passwords.

As a result, users forget their passwords. Now comes the usability issue. What many sites do is generate a new one instead of sharing the old one on the pretext of more security. This means that the user has now to remember a new piece of information. So sending him a new password as initiated a new cycle of forgetfulness. It has not helped the user remember it. This is because the user does not encounter the same piece of information for him to remember. Instead he has the challenge of remembering an altogether new piece of information.

Remembering Password
Instead the user should help the user encounter the same piece of information to the user by either giving him hints or mailing him his password. This ensures that the user eventually remembers his password. The users can delete the main containing the password immediately after getting the password is security is such an issue.

A word of Caution
When user does not remember passwords, he tends to note it down somewhere which is again a huge security breach. Instead its best the user remembers the password. We should therefore take steps towards making the user remember his password.

5 comments:

Smriti Paul said...

The trick I used to over come my password memory loss is to have only one single password for every site that requires a login and a password. This way its easy to remember as its one single word and is used everyday.

Archana Narayan said...

Megs, very interesting post! Several times I have forgotten my password. I have created new accounts, gave up withdrawing money from the ATM, etc because of this. Now days I finally resort to remember me on this computer option to ensure that the password and userid is available. Even user id is a pain..... I remember registering on IRCTC (Railways online booking) and forgetting my user id. Had to try several combinations before i got it. This was because they don't allow any special characters in the user id and all my user ids have a '.'

Rohan D'souza said...

I think LTM/ STM portion is ulti-cool.

The easiest way i have found to remember my passwords is to keep something that is personal along with substitution of words for numbers and vice versa. And whats more it seems to register into the motor memory and most of the times i dont even think and enter passwords.

I don't seem to forget most of the times thanks to the wierd combinations i choose!

Anonymous said...

The trick I use is " keep a specific combination for password."
For example, The combination can ideally have three parts. First part, something picked from the site, which refers to that particular site.Second part is some particular term I like or I never forget, third part is an important number in my life.

Suppose you are creating an ID in Skype
Then Password can be:first part- skype
second part - white (your favourite color)
third part - 80 (% of mark in engineering)
So total :skypewhite80
For MSN: msnwhite80

Similarly we can find out different combinations which makes us to remember it fast.

Meghna James said...

That's a neat way to remember. I am curious if most people are smart enuf to follow a structure in passwords..I guess people just pick something random. Random is difficult to memorize.