The effect of human memory on password behavior : An investigation

Abstract: Passwords are widely used as a primary method of authentication and access control, making them a critical component in safeguarding digital assets. However, individuals’ password-related behaviors, such as password selection, memorization, and management, significantly impact the security of their accounts. Cognitive abilities, one of which is memory capacity, have also been shown in past research to affect cybersecurity awareness and therefore password behavior, as an extension of this. This thesis aimed to explore how individuals’ short-term memory capacity influenced their password behavior and its implications for cybersecurity. The research methodology used a questionnaire as a quantitative approach towards this issue. The study examined participants’ password creation strategies and their ability to remember different aspects using cued recall. Furthermore, the relationship between password behavior and short-term memory capacity was also explored in terms of four different demographic subgroups, namely gender, age, level of education, and IT competence. The evaluation has been performed using statistical analysis on 315 complete questionnaire responses. The results of this thesis work corroborate most of the previous research on the aforementioned topics, such that females and older age were the strongest predictors of correlation between password behavior and short-term memory capacity. This thesis work can be used as guidance when conducting further research on the effects of various cognitive abilities on cybersecurity awareness.