Understanding How People Share Passwords

Document Type

Conference Proceeding

Publication Date

1-1-2024

Abstract

Many systems are built around the assumption that one account corresponds to one user. Likewise, password creation and management is often studied in the context of single-user accounts. However, account and credential sharing is commonplace, and password generation has not been thoroughly investigated in accounts shared among multiple users. We examine account sharing behaviors, as well as strategies and motivations for creating shared passwords, through a census-representative survey of U.S. users (n = 300). We found that password creation for shared accounts tends to be an individual, rather than collaborative, process. While users tend to have broadly similar password creation strategies and goals for both their personal and shared accounts, they sometimes make security concessions in order to improve password usability and account accessibility in shared accounts. Password reuse is common among accounts collectively shared within a group, and almost a third of our participants either directly reuse or reuse a variant of a personal account password on a shared account. Based on our findings, we make recommendations for developers to facilitate safe sharing practices.

Identifier

85204873364 (Scopus)

ISBN

[9781939133427]

Publication Title

Proceedings of the 20th Symposium on Usable Privacy and Security, SOUPS 2024

First Page

219

Last Page

237

Grant

1955805

Fund Ref

National Science Foundation

This document is currently not available here.

Share

COinS