Memorability of Japanese Mnemonic Passwords

Abstract

Password authentication is the most commonly used mechanism for user authentication. However, its vulnerability to different attacks such as dictionary attacks or brute force attack is well known. The users often use password authentication in insecure ways, such as using weak passwords or reusing passwords, which leads to password crackings. Though these problems are apparent, the trade-offs between password strength and password memorability prevent users from using strong passwords. To realize high password strength and memorability, the use of mnemonic passwords is suggested. However, due to its characteristic that the users must use English sentences, this password-generation strategy is not widely used in countries such as Japan, which do not use English as their native language. Therefore, we introduce Japanese mnemonic passwords, which are passwords using password-generation techniques optimized for Japanese users. We conducted a user study to explore the memorability of Japanese mnemonic passwords. We discuss the types of errors made by the participants and how Japanese mnemonic passwords’ usability can be enhanced. We also discuss how this strategy can be used in other non-English-speaking countries.