A Quest for Inspiration: How Users Create and Reuse PINs


Maria Casimiro, Joe Segel, Lewei Li, Yigeng Wang, and Lorrie Faith Cranor, Carnegie Mellon University


Personal Identification Numbers (PINs), required to authenticate on a multitude of devices, are ubiquitous nowadays. To increase the security and safety of their assets, users are advised to create unique PINs for a lot of accounts they possess. Considering the multiple accounts users hold, remembering a myriad of PINs is often burdensome for users. As a consequence, we suspect users tend to trade-off security for memorability, due to the fear of forgetting their PINs, thus reusing them. To test this hypothesis we conducted a study on MTurk that asked participants about their PIN creation and reuse behaviors. Our results show that users draw inspiration from important dates to create their PINs and that PIN reuse is common practice, even between high and low valued accounts. Participants justify this behavior stating they reuse PINs for convenience and ease of remembrance.

    author = {Casimiro, Maria and Segel, Joe and Li, Lewei and Wang, Yigeng and Cranor, Lorrie Faith},
    title = {{A Quest for Inspiration: How Users Create and Reuse PINs}},
    booktitle = {Who Are You?! Adventures in Authentication Workshop},
    year = {2020},
    series = {WAY~'20},
    pages = {1--7},
    address = {Virtual Conference},
    month = aug,
    publisher = {}
} % No publisher