TY - GEN
T1 - Batman Hacked My Password
T2 - 20th Symposium on Usable Privacy and Security, SOUPS 2024
AU - Raphael, Maike M.
AU - Kanta, Aikaterini
AU - Seebonn, Rico
AU - Dürmuth, Markus
AU - Cobb, Camille
N1 - Publisher Copyright:
Copyright is held by the author/owner.
PY - 2024
Y1 - 2024
N2 - Password security is and will likely remain an issue that non-experts have to deal with. It is therefore important that they understand the criteria of secure passwords and the characteristics of good password behavior. Related literature indicates that people often acquire knowledge from media such as movies, which influences their perceptions about cybersecurity including their mindset about passwords. We contribute a novel approach based on subtitles and an analysis of the depiction of passwords and password behavior in movies. We scanned subtitles of 97, 709 movies from 1960 to 2022 for password appearance and analyzed resulting scenes from 2, 851 movies using mixed methods to show what people could learn from watching movies. Selected films were viewed for an in-depth analysis. Among other things, we find that passwords are often portrayed as weak and easy to guess, but there are different contexts of use with very strong passwords. Password hacking is frequently depicted as unrealistically powerful, potentially leading to a sense of helplessness and futility of security efforts. In contrast, password guessing is shown as quite realistic and with a lower (but still overestimated) success rate. There appears to be a lack of best practices as password managers and multi-factor authentication are practically non-existent.
AB - Password security is and will likely remain an issue that non-experts have to deal with. It is therefore important that they understand the criteria of secure passwords and the characteristics of good password behavior. Related literature indicates that people often acquire knowledge from media such as movies, which influences their perceptions about cybersecurity including their mindset about passwords. We contribute a novel approach based on subtitles and an analysis of the depiction of passwords and password behavior in movies. We scanned subtitles of 97, 709 movies from 1960 to 2022 for password appearance and analyzed resulting scenes from 2, 851 movies using mixed methods to show what people could learn from watching movies. Selected films were viewed for an in-depth analysis. Among other things, we find that passwords are often portrayed as weak and easy to guess, but there are different contexts of use with very strong passwords. Password hacking is frequently depicted as unrealistically powerful, potentially leading to a sense of helplessness and futility of security efforts. In contrast, password guessing is shown as quite realistic and with a lower (but still overestimated) success rate. There appears to be a lack of best practices as password managers and multi-factor authentication are practically non-existent.
UR - http://www.scopus.com/inward/record.url?scp=85204904432&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85204904432&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85204904432
T3 - Proceedings of the 20th Symposium on Usable Privacy and Security, SOUPS 2024
SP - 199
EP - 218
BT - Proceedings of the 20th Symposium on Usable Privacy and Security, SOUPS 2024
PB - USENIX Association
Y2 - 12 August 2024 through 13 August 2024
ER -