Common Nonsense about Password Security and the Expert-Layperson Knowledge Gap
29 Pages. Posted: 1 Feb 2023
Date Written: February 1, 2023
Abstract
Lay people often are misinformed about what is a secure password, what are the various types of security threats to passwords or password-protected resources, and the risks of certain compromising practices such as reusing passwords and required password expiration. Expert knowledge about password security has evolved considerably over time, but on many points, research supports general agreement among experts about best practices. Remarkably, though perhaps not surprisingly, there is a sizable gap between what experts agree on and what lay people believe and do. The knowledge gap might exist and persist because of intermediaries, namely professionals and practitioners as well as technological interfaces such as password meters and composition rules. In this chapter, we identify knowledge commons governance dilemmas that arise within and between different communities (expert, professional, lay) and examine implications for other everyday misinformation problems.
Keywords: password security, misinformation, disinformation, cybersecurity, common sense, knowledge, expertise, digital, technology