
      How to Create Memorizable and Strong Passwords

      research-article
      , MSc, PhD 1 , 2 , , , MPsych, PhD 1 , 2 , , MPsych 1 , 2 , 3 , , MA, MPsych, PhD 1 , 2
      (Reviewer)
      Journal of Medical Internet Research
      Gunther Eysenbach
      Privacy, security, passwords, psychology


          Abstract

In a recent JMIR article, El Emam, Moreau and Jonker highlight the importance of using strong passwords to protect personal health information in clinical trials [1]. An important implication that was not fully discussed is the difficulty people may have in creating passwords that are complex but at the same time easy to remember. To address this problem we propose the PsychoPass method, a simple way to create strong passwords that are easy to remember. This method relies on mental practice and is not hardware or software to download. The idea is that a password can be created, memorized and recalled by just thinking of an action sequence instead of a word or string of characters. To be more specific, the method consists of the following steps (see Figures 1 and 2):

(1) begin with a letter on the keyboard;
(2) memorize a sequence of actions (something like "the key on the left, then the upper one, then the one on the right", and so on);
(3) memorize the sequence (not the letters used);
(4) create as many passwords as you want by remembering only the first letter and the sequence.

Using different types of sequences, it is possible to generate thousands of different passwords. By combining sequences, it is possible to create an infinite number of passwords. Moreover, the created passwords will be a nonsense sequence of letters, numbers and symbols, resilient to any attack. Furthermore, passwords may be communicated among colleagues using just the first letter, on the basis of a common knowledge of the sequence (e.g., sequence 3, letter j). El Emam and colleagues state that more sophisticated collaboration tools are required to allow file sharing without password sharing, and provide several recommendations to implement these practices. We think that more awareness and new practices among users may represent the correct way to implement security beyond the technological issues. In particular, future research needs to focus on the processes that make technology a powerful tool for security.

Figure 1: The same sequence to generate different passwords (about 15 minutes to memorize the sequence).
Figure 2: Another sequence to generate other passwords (about 15 minutes to memorize the sequence).
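The four steps above, written out as code. This is an illustration added here, not code from the article: the 4x10 key grid without row stagger, the move names and the wrap-around at the keyboard edge are all assumptions. It also counts the choices the method draws from, which is the figure to check when a sequence is shared among colleagues and only the first letter differs.

```python
import math

# Assumed layout: simplified US QWERTY as a 4x10 grid, no row stagger.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl;", "zxcvbnm,./"]
# Assumed move vocabulary (row delta, column delta).
MOVES = {"left": (0, -1), "right": (0, 1), "up": (-1, 0), "down": (1, 0)}
POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}


def psychopass(start, sequence):
    """Steps 1-4: type the start key, then follow the memorized moves."""
    r, c = POS[start]
    typed = [start]
    for move in sequence:
        dr, dc = MOVES[move]
        # Assumption: moving past an edge wraps to the opposite side.
        r = (r + dr) % len(ROWS)
        c = (c + dc) % len(ROWS[0])
        typed.append(ROWS[r][c])
    return "".join(typed)


def candidates_for_known_sequence(sequence):
    """All passwords one sequence can yield: one per start key."""
    return {psychopass(key, sequence) for key in POS}


def entropy_bits(seq_len, sequence_known):
    """log2 of the number of (start key, sequence) choices in this model."""
    space = len(POS)
    if not sequence_known:
        space *= len(MOVES) ** seq_len
    return math.log2(space)


if __name__ == "__main__":
    seq = ["left", "up", "right"]  # the sequence quoted in the text
    for start in "jfq":
        print(start, "->", psychopass(start, seq))
    print("candidates if the sequence is known:", len(candidates_for_known_sequence(seq)))
    print("bits, sequence known:  %.2f" % entropy_bits(len(seq), True))
    print("bits, sequence secret: %.2f" % entropy_bits(len(seq), False))
    print("bits, 4 random keys:   %.2f" % (4 * math.log2(len(POS))))
```

In this model a shared sequence leaves only the start key unknown, so the resulting password carries about 5.3 bits regardless of its length.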

          Most cited references

          How Strong are Passwords Used to Protect Personal Health Information in Clinical Trials?

          Background: Findings and statements about how securely personal health information is managed in clinical research are mixed. Objective: The objective of our study was to evaluate the security of practices used to transfer and share sensitive files in clinical trials. Methods: Two studies were performed. First, 15 password-protected files that were transmitted by email during regulated Canadian clinical trials were obtained. Commercial password recovery tools were used on these files to try to crack their passwords. Second, interviews with 20 study coordinators were conducted to understand file-sharing practices in clinical trials for files containing personal health information. Results: We were able to crack the passwords for 93% of the files (14/15). Among these, 13 files contained thousands of records with sensitive health information on trial participants. The passwords tended to be relatively weak, using common names of locations, animals, car brands, and obvious numeric sequences. Patient information is commonly shared by email in the context of query resolution. Files containing personal health information are shared by email and, by posting them on shared drives with common passwords, to facilitate collaboration. Conclusion: If files containing sensitive patient information must be transferred by email, mechanisms to encrypt them and to ensure that password strength is high are necessary. More sophisticated collaboration tools are required to allow file sharing without password sharing. We provide recommendations to implement these practices.

            Author and article information

            Contributors
            Journal
            J Med Internet Res
            J. Med. Internet Res
            JMIR
            Journal of Medical Internet Research
            Gunther Eysenbach (JMIR Publications Inc., Toronto, Canada )
            1439-4456
            1438-8871
            Jan-Feb 2012
            10 January 2012
            : 14
            : 1
            : e10
            Affiliations
            [1] Applied Technology for Neuro-Psychology Lab, IRCCS Istituto Auxologico Italiano, Milano, Italy
            [2] Psychology Department, Catholic University of Milan, Milano, Italy
            [3] Freelancer, Milan, Italy
            Article
            v14i1e10
            10.2196/jmir.1906
            3846346
            22233980
            ©Pietro Cipresso, Andrea Gaggioli, Silvia Serino, Sergio Cipresso, Giuseppe Riva. Originally published in the Journal of Medical Internet Research (http://www.jmir.org), 10.01.2012.

            This is an open-access article distributed under the terms of the Creative Commons Attribution License ( http://creativecommons.org/licenses/by/2.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work, first published in the Journal of Medical Internet Research, is properly cited. The complete bibliographic information, a link to the original publication on http://www.jmir.org/, as well as this copyright and license information must be included.

            History
            : 06 August 2011
            : 07 January 2012
            Categories
            Letter

            Medicine
            privacy,security,passwords,psychology
