Password reuse is a dangerous issue facing many users and their password-protected online accounts. When users fall into a habit of password reuse, they increase the risk of their accounts becoming compromised. We propose that the enforcement of a random character requirement during password generation will subdue the routine of reuse. Furthermore, to help users remember a required random character in their password, each user will be assigned an image which acts as a reminder of their random character. In this paper, we interview six participants and present them with eighteen images that each highlight a character or number association. Through the interview process we concluded that most participants would rather see numbers represented as plaintext in an image rather than counting a set of items. Additionally, we learned participants who utilize passphrases are less likely to find images as a helpful aid for required characters. Finally, we found users felt their image prompter was more secure when the image was busy, and they felt as though they knew a secret about the image.
Suscello, Nicole; Kreider, Christopher; Phelps, William; and Almalag, Mohammad, "Reducing Risk of Password Reuse through Random Character Requirements and Image Prompting" (2021). MWAIS 2021 Proceedings. 21.