Blase Ur, Neubauer Family Assistant Professor of Computer Science, received a Best Paper Award at CHI 2017, the prestigious ACM conference on computer-human interaction, held in Denver earlier this month.  The paper, titled “Design and Evaluation of a Data-Driven Password Meter,” describes research that will help users select more secure and no less memorable passwords. Ur is the lead author of the paper, which was written with colleagues at Carnegie Mellon University.

The paper builds on previous work, by Ur and coauthors, titled “Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks,” which was presented at the USENIX Security Symposium in 2016 and received a Best paper award there.

That paper proposed using neural networks to simulate a password-guessing attack, which “we hypothesized would let us model in a principled way how humans create passwords using a compact model that could run entirely on the user's computer,” says Ur.

The CHI 2017 paper started with their previous neural network algorithm, but, as Ur explains, “the ultimate goal was to give users explanations for why their password was strong or weak, a task that neural networks do not do.”

“Thus, the CHI 2017 paper augmented the neural network with 21 different structural and semantic characteristics that are common in passwords, and by evaluating these we could also give intelligible explanations to users about why their password is weak. We then designed an interface to present this information and conducted an online, remote user study with 4,509 subjects in which each subject created a password that they had to try to remember at least two days later. We measured a number of aspects of both the security and usability of the passwords users created, finding that the meter we had designed led to much stronger, yet equally memorable, passwords compared to the types of password meters that are widely deployed today.”

More information can be found in an article published by UChicago News and CMU.  Read the article here.

Related News

More UChicago CS stories from this research area.
Video

Nightshade: Data Poisoning to Fight Generative AI with Ben Zhao

Jan 23, 2024
No Name

Research Suggests That Privacy and Security Protection Fell To The Wayside During Remote Learning

A qualitative research study conducted by faculty and students at the University of Chicago and University of Maryland revealed key...
Oct 18, 2023
No Name

UChicago Researchers Win Internet Defense Prize and Distinguished Paper Awards at USENIX Security

Sep 05, 2023
No Name

Chicago Public Schools Student Chris Deng Pursues Internet Equity with University of Chicago Faculty

May 16, 2023
No Name

Computer Science Displays Catch Attention at MSI’s Annual Robot Block Party

Apr 07, 2023
No Name

UChicago / School of the Art Institute Class Uses Art to Highlight Data Privacy Dangers

Apr 03, 2023
Students posing at competition
No Name

UChicago Undergrad Team Places Second Overall In Regionals For World’s Largest Programming Competition

Mar 17, 2023
Young students on computers
No Name

UChicago and NYU Research Team Finds Edtech Tools Could Pose Privacy Risks For Students

Feb 21, 2023
No Name

UChicago Scientists Develop New Tool to Protect Artists from AI Mimicry

Feb 13, 2023
No Name

Professors Rebecca Willett and Ben Zhao Discuss the Future of AI on Public Radio

Jan 26, 2023
No Name

Professor Heather Zheng Named ACM Fellow

Jan 18, 2023
No Name

Professor Fred Chong Named IEEE Fellow

Dec 09, 2022
arrow-down-largearrow-left-largearrow-right-large-greyarrow-right-large-yellowarrow-right-largearrow-right-smallbutton-arrowclosedocumentfacebookfacet-arrow-down-whitefacet-arrow-downPage 1CheckedCheckedicon-apple-t5backgroundLayer 1icon-google-t5icon-office365-t5icon-outlook-t5backgroundLayer 1icon-outlookcom-t5backgroundLayer 1icon-yahoo-t5backgroundLayer 1internal-yellowinternalintranetlinkedinlinkoutpauseplaypresentationsearch-bluesearchshareslider-arrow-nextslider-arrow-prevtwittervideoyoutube