Slashdot Mirror

← Back to Stories (view on slashdot.org)

Geezers Pick Stronger Passwords Than Young'uns

Posted by timothy on from the as-many-characters-as-the-post-it-will-hold dept.

McGruber writes "Joseph Bonneau, a computer scientist at the University of Cambridge, calculated the password strengths of nearly 70 million Yahoo! users. He compared the strengths of passwords chosen by different demographic groups and compared the results. People over the age of 55 pick passwords double the strength of those chosen by people under 25 years old." Does this mean that the younger users are more cavalier and naive, or are they simply more cynical about the actual value of strong passwords in the era of large-scale user-database compromises?

5 of 189 comments (clear)

  1. Use case differences... by DrEldarion · · Score: 4, Interesting

    It's probably more likely that younger users don't use Yahoo for anything important, so they don't bother with strong passwords. Older users are more likely to have a Yahoo address as their primary email, etc.

    1. Re:Use case differences... by AliasMarlowe · · Score: 4, Interesting

      bullshit, I"m half a century old and I ssh or use https in browser with ShellInABox to read my mail with mutt.

      we use stronger passwords because we've been around the block enough times to know there are bad people out there

      Yup. And it galls me to see some places sending a confirmation message to your email address with your chosen username and password in cleartext when you register. Maybe that's why the kids don't bother with decent passwords, but to me it's another good reason to use a unique password for every site, and to then tailor the password strength to the weakness of password protection (cleartext, the mind boggles). Luckily, sites with personal and/or financial data (Amazon, banks, etc.) are a bit better, but it's still worth keeping their passwords strong and unique per site.

      BTW, I beat you in the greybeard stakes by a few years...

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  2. How did he analyse it? by Hentes · · Score: 4, Interesting

    Did Yahoo give him its user password database or what?

  3. How many passwords? And can they remember them? by Faizdog · · Score: 4, Interesting

    1) Can the older folks actually remember all their passwords? Or are they writing them down?

    2) On a related note, if they only have one or two passwords to remember (email and maybe something else) that's easier than younger more tech-savvy individuals who may be trying to remember MANY MANY passwords (email 1, email 2, bank account 1, bank account 2, social media website 1, 2, 3, online forum 1, 2, brokerage 1, 2, iTunes Store, Amazon, Ebay, some app, electricity bill, wireless plan, phone plan, credit card 1, 2 ,3, etc, etc, etc).

    I am by no means young, I'm 31, but am part of a more tech savvy generation. I have so many passwords to remember, even after trying to keep them the same, that now I have a whole Gmail label called login info where I store my passwords for everything. Not the actual password but mnemonics that are relevant to me like :"firsthousenum+first name first crush, no space or caps" which would be the street address (house number ) of my first house and the first name of the first girl I had a crush on, with no spaces or Capital letters. That is just an illustrative example, they're actually more obscure.

    And this is after I made a concentrated effort to have categories of passwords, like all financial ones (bank, credit card, brokerage, etc) would be the same, but different systems have different requirements (letters, capitals, numbers, special characters, length) that it didn't work out, plus some force you to change passwords periodically, it's a mess.

    On a different but kind of password related note, I wish that there would be a concept of a temporary password to use for accounts. For instance, I recently travelled abroad for a week, and was worried about key loggers or some other stuff getting my gmail password when I log on in hotels, cafes, other people's houses. What I would've loved is to set up a temporary Gmail password that was only valid for 1 week (in addition to my normal one) and use that while traveling. The temporary password would have limited access, I could send and read emails, but not change any account settings (like passwords, etc.) That would've been fantastic.

    Instead, I changed my Gmail password to another one, but now that I'm back, Gmail won't let me change my password back to the original one (as previous passwords can't be reused). This is something new as I'd done this before while traveling.

    --
    -"Those who fought today will die tommorow."-
  4. Re:the geezer's, obviously by dgatwood · · Score: 4, Interesting

    The latter. They know that the worst that could happen would be somebody impersonating them, and given how unlikely it is for someone to bother cracking their account to do so (SMTP is completely without security, for all practical purposes), they consider their email passwords to be unimportant. Now their Facebook passwords, they will protect. After all, that's where they do most of their communication.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.