As humans, we are terrible at password management–hence why we use password managers like Dashlane! We prefer simple-to-remember passwords over complex ones and frequently rely on the same password for multiple accounts. Why? Because it’s easy for us. Which makes it easy for hackers.
But what you may not know is that your brain can be tricked into storing a complex master password, with only a small amount of training.
Using a technique called Spaced Repetition, researchers from Princeton University in the US joined forces with Microsoft Research successfully taught their subjects to remember a 56-bit password (encoded as either 6 words or 12 characters). And it only took on average 12 minutes per user. According to ExamedExistence, Spaced Repetition is designed to counteract the effects of the “Forgetting Curve”– a theory that reviews how much information we can retain over time. The Spaced Repetition technique requires you to repeat info/data you’re trying to remember over a period of days or weeks.
How Spaced Repetition Works
In the experiment, subjects were asked to take a series of attention tests via a computer. The tests themselves were completely irrelevant – it was the initial login each user had to perform to access these tests that were key to tricking them into remembering a complex password or passphrase.
Each time the login screen appeared, it would prompt the user to type a series of words or letters. Crucially, for each login, that prompt would appear later and later, which forced the subject to type them in from memory. If they did this successfully, they were given additional letters or words to remember for next time. This is spaced repetition – a process that works in humans and animals and successfully retains information when repeated over a longer period, as opposed to learning in a shorter time frame.
After 10 days of testing and 90 logins per user, each subject’s password of passphrase was either 12 random characters or six random words – complex enough to give even proficient hackers a headache. And without realizing it, almost all of the research subjects were now typing in the correct password or passphrase from memory. The success rate? An astonishing 94 percent, learning it after about 36 logins.
Science proves undeniably, then, that a single, complex password or passphrase – ideal for a master password, or a single business login – can be burned into your brain if you commit to learning it. Where multiple logins are required, you’re better off investing your time into a password manager that can do all the heavy lifting for you. But these still require a master password, so you’ll still ahead of the game thanks to the research.
Read the full paper online (including why those who failed to remember did so deliberately) here. You can also find out how other research has been using images to trick us into recalling passphrases here.
How you can use Spaced Recognition to Remember Your Master Password
If you want to give Spaced Recognition a try for yourself, check out this video from Thomas Frank from College Info Geek. He’ll give you more information about the history behind spaced repetition–including the psychologists C.A. Mace, H. F. Spitzer, A.W. Melton, T.K. Landauer, R.A. Bjork, and Sebastian Leitner–and how you can use it to remember your Master Password and other complex passwords with paper flashcards and mobile apps. See the full video below!
Or, if you don’t have enough time to remember a complicated password, leave the hard work for Dashlane’s password manager!
If you’re curious as to why it’s super difficult to remember complicated passwords in the first place, check out our own blog post that answers: “Can you really trust your brain to remember your passwords?” Find out!