Journal ArticleDOI
Development of a Model for Determining the Impact of Password Authentication Practices on Information Security
Deborah S. Carstens,Pamela McCauley-Bell,Linda C. Malone +2 more
- Vol. 44, Iss: 2, pp 342-345
Reads0
Chats0
TLDR
The findings indicate that human error associated with password authentication can be significantly reduced through the use of passwords which are comprised of meaningful data for the user and which meet the information technology community requirement for strength of password.Abstract:
This research focuses on the development of a model for evaluating the human impact that password authentication issues are having on the security of information systems. Through observational analysis, organizational policy, and retrospective analysis, researchers created a model for predicting the vulnerability that a particular set of conditions will have on the likelihood of error in an information system. The methodology for the experiment and analysis of the results are presented. The findings indicate that human error associated with password authentication can be significantly reduced through the use of passwords which are comprised of meaningful data for the user and which meet the information technology community requirement for strength of password. The details of this study are provided as well as the human factors implications in information security.read more
Citations
More filters
Dissertation
Persuasive password security
TL;DR: In this article, a grounded theory model of the process users go through when choosing password-related behaviours in the absence of any organizational efforts to influence this choice is presented, which is subsequently extended to incorporate the effect on user behaviour of password regulations and their associated punishment regimes.
False Impressions: Contrasting Perceptions of Security as a Major Impediment to Achieving Survivable Systems
TL;DR: The results show that a user’s level of trust and risk are based on perceptions of website design that are significantly different based on prior knowledge, and it is reported that corporations are already exploiting this result to maximize the use of superficial security cues that do not provide protection while minimizing investment in technological security solutions that do provide protection.
Dissertation
Identity management : strengthening one-time password authentication through usability
TL;DR: In this thesis, the security and usability aspects of contemporary methods for authentication based on one-time passwords (OTP) are examined and analyzed, and more scalable solutions that provide a good user experience while at the same time preserving strong security are proposed.
References
More filters
Journal ArticleDOI
Human error: an overlooked but significant information security problem
TL;DR: Why the practitioner should reestablish human error as a high priority issue worthy of significant and continuous attention is discussed and standard techniques for dealing with errors are brought into the normal practice of information security.