U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

'Passwords Keep Me Safe' – Understanding What Children Think about Passwords

Published

Author(s)

Mary Theofanos, Yee-Yin Choong

Abstract

Children use technology from a very young age, and often have to authenticate. The goal of this study is to explore children's practices, perceptions, and knowledge regarding passwords. Given the limited work to date and that the world's cyber posture and culture will be dependent on today's youth, it is imperative to conduct cyber-security research with children. We conducted the first large-scale survey of 1,505 3rd to 12th graders (Generation Z) from schools across the United States (US). Not surprisingly, children have fewer passwords than adults. We found that children have appropriate mental models of passwords. The children demonstrated many good password practices and behaviors. However, they did not create strong passwords. Generating strong passwords requires mature cognitive and linguistic capabilities which children at this developmental stage have not yet mastered. Cyber-security education should strive to reinforce positive practices while continuing to provide and promote age-appropriate developmental security skills.
Proceedings Title
Proceedings of 30th USENIX Security Symposium,
Conference Dates
August 11-13, 2021
Conference Location
Virtual, MD, US
Conference Title
30th USENIX Security Symposium,
Pub Type
Conferences

Download Paper

Local Download

Keywords

Children, Passwords, Authentication, Mental model, Perceptions, Password practices.
Usability and human factors, Information technology and Cybersecurity

Citation

Theofanos, M. and Choong, Y. (2021), 'Passwords Keep Me Safe' – Understanding What Children Think about Passwords, Proceedings of 30th USENIX Security Symposium, , Virtual, MD, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=928890 (Accessed November 21, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created August 11, 2021, Updated October 14, 2021