Do Smarter People Have Better Passwords?
This research addresses password security for general users, but it is incremental as it applies existing methods to new data with limited impact.
The study investigated whether academic performance correlates with password strength by analyzing breached passwords and GPA data from college students, finding that students with higher GPAs had slightly lower percentages of weak passwords, but the difference was small.
The National Institute of Standards and Technology (NIST) released new guidelines in June of 2017 that recommended new standards for managing and accepting user passwords. Among the new guidelines is a requirement that verifiers should check if a user's supplied password is compromised - that is, already listed in previous breach corpuses. Using a corpus of 320M breached passwords, the researcher collected information regarding Asia Pacific College students using breached passwords. Correlating these with academic performance data from each student's grade history, the researcher found that the students in the highest GPA tier had the lowest % of terrible passwords. The difference is not that large, however, which suggests that weak passwords aren't mainly because of any level of intelligence, nor should it be assumed that highly-intelligent users will have good passwords.