Are friendly passwords better passwords?

I came across a really nice example of human-oriented design recently (*). Nothing terribly special – just a simple choice made by someone somewhere that reveals a refreshing humanity in an otherwise technology-oriented domain – and makes the product all the better for it.

I happened to discover that several members of my extended family own Netgear internet routers. Like all such devices, access to the WiFi networks that these routers create can be restricted by a password. Now, presumably in response to the difficulty many people have in inventing appropriate passwords, these particular products can also suggest a password that the user might want to adopt for their network. I assume the user can choose their own password instead, but these particular password suggestions have an appealing character. They’re “nice”.
The suggested passwords seem to be generated by combining a random word from a list of adjectives with a random word from a list of nouns, and appending a random three digit number. What’s nice about these lists of words is that they seem to have been chosen to create a positive “affect” (or emotional response).  The resulting passwords include things like FriendlyLotus629 and MagicBalloon172, whilst avoiding things like GrumpySod795. This design choice offers the possibility that the password will be easier to remember, and even offers a little emotional lift to the user right at the moment they may need it most – when they’re struggling to configure their new technology product.  What a neat idea.
Of course, the grumpy sods amongst you may argue that such structured passwords are less secure than something else more completely random. That may theoretically be true. But in practice, I wonder whether by giving their passwords a real human appeal, the designers of these products have increased the probability that their users will adopt them in preference to a truly insecure password like password or not found (**).  Either way, I really like this simple way to improve the aesthetics of a product through a design choice that cost nothing except a few minutes of thought.  Nice one Netgear.
* I think I understood it correctly. If I didn’t, take this description as a further demonstration that some of the best ideas come from misunderstanding something else.
** At least according to a cartoon I saw of someone claiming to have set their password to “not found”, so that when they typed the wrong one the computer would helpfully advise them, “your username or password is not found”.
Tagged with: