Abstract

The concept of cognitive passwords is introduced, and their use as a method to overcome the dilemma of passwords that are either difficult to remember or easily guessed is suggested. Cognitive passwords are based on personal facts, interests, and opinions that are likely to be easily recalled by a user. A brief dialogue between a user and a system, where a user provides a system with exact answers to a rotating set of questions, is suggested to replace the traditional authentication method using a single password. The findings of an empirical investigation focusing on memorability and ease-of-guessing of cognitive passwords, are reported. They demonstrate that cognitive passwords are easier to recall than conventional passwords, while being difficult for others, even those close to the users, to guess.< <ETX xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">&gt;</ETX>