Stories
Slash Boxes
Comments

SoylentNews is people

What Keeps People from Using Password Managers?

posted by mrpg on Friday June 18 2021, @09:00AM   Printer-friendly
from the 00aa23e67f100945c87d19e4012f dept.

An Anonymous Coward writes:

WSJ: What Keeps People From Using Password Managers?

No pay wall: https://archive.is/HCtcT

Many of us are vulnerable to hackers and eager to secure our online accounts, but lots of us also refuse to use an obvious solution: password managers.

Why? Our research has found that the typical reassurances and promises about password managers just don’t work. Fortunately, our research also suggests there are strategies that can persuade people to get past the psychological barriers and keep their data safe.

[...] In a study I conducted with my Ph.D. student Norah Alkaldi, we found that the two most common methods of persuasion were ineffective in getting people to adopt password managers. The first is the “push” approach—the idea that by showing people the dangers of using simple passwords, recording passwords on their computer or using the same passwords at different sites, we would push them to adopt a safer approach. Users, we found, don’t respond to the push strategy.

[...] The other, “pull,” approach—focusing on the positives of password managers—didn’t deliver any better results.

[...] We discovered two types of “mooring factors” that keep people from changing their behavior.

[...] First, there was the effort required to enter all your passwords into the password manager.

[...] People also fear they will lose all their passwords if they forget their master password.

Original Submission

 
This discussion has been archived. No new comments can be posted.
What Keeps People from Using Password Managers? | Log In/Create an Account | Top | 67 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Saturday June 19 2021, @04:21PM

    by Anonymous Coward on Saturday June 19 2021, @04:21PM (#1147302)

    Create a plain text file of the name of the service to which you are signing up. Like "ExampleSiteDotCom.txt". Inside the file give the full URL to the site main page.

    At about the 200-300th site login, this was the conclusion I came to as well. Aside from a handful of actually important passwords, the majority simply have to be offloaded to a piece of paper, or file, or just constantly re-used.

    Sites and services don't integrate with password managers, and those are specific to machines. Trusting your phone with anything is for fools. Every service and site under the sun now, including an increasing number of sites and apps for utilities and rl services that never needed the internet before, now demand logins and emails and passwords and the whole thing is completely out of control with no end in site.

    It doesn't have to be like this. .ssh file and scripts work and work well for sever administration, with multiple methods of mitigating risk.
    But of course no website or app will ever subscribe to such an open framework, because Big Tech SV is above such things in their common quest to monopolize all the things.

    We could have had a different internet. But we have one that is imploding on itself, because we trusted ad companies and smartphone makers and "professional business" to manage the whole thing. The web will be dead in 10 years no question.