DeepMnemonic: Password Mnemonic Generation via Deep Attentive Encoder-Decoder Model
This addresses the usability gap in password-based authentication systems by making strong passwords easier to remember, though it is an incremental improvement over existing methods.
The paper tackled the problem of generating memorable textual mnemonics for strong passwords to improve usability, and demonstrated that their DeepMnemonic model outperforms a baseline in generating semantically meaningful sentences and helps users memorize passwords effectively.
Strong passwords are fundamental to the security of password-based user authentication systems. In recent years, much effort has been made to evaluate password strength or to generate strong passwords. Unfortunately, the usability or memorability of the strong passwords has been largely neglected. In this paper, we aim to bridge the gap between strong password generation and the usability of strong passwords. We propose to automatically generate textual password mnemonics, i.e., natural language sentences, which are intended to help users better memorize passwords. We introduce \textit{DeepMnemonic}, a deep attentive encoder-decoder framework which takes a password as input and then automatically generates a mnemonic sentence for the password. We conduct extensive experiments to evaluate DeepMnemonic on the real-world data sets. The experimental results demonstrate that DeepMnemonic outperforms a well-known baseline for generating semantically meaningful mnemonic sentences. Moreover, the user study further validates that the generated mnemonic sentences by DeepMnemonic are useful in helping users memorize strong passwords.