Evaluating Passwords User Behavior and the Psychology of Password Management

Walid Ali Sulaiman Ali Alothman

doi:10.18535/ijecs/v8i04.4304

Articles

Total : PDF: 135 | Total views: 135

Walid Ali Sulaiman Ali Alothman,

Article Date Published : 24 April 2019 | Page No.: 24586-24602 |

DOI https://doi.org/10.18535/ijecs/v8i04.4304

Online Metrics

Abstract

Regardless of how complex an association's security framework is, it stays helpless because of the human factor. Content based passwords are usually utilized for verification in figuring condition. Despite the fact that passwords are considered as the underlying line of assurance for users, they stay simple to compromise. To improve the security of frameworks, different password synthesis policies are embraced. These strategies guarantee that users are made to pick solid passwords that assistance anticipate online ruptures and information spills. Be that as it may, it likewise make passwords hard to retain and review, diminishing the general ease of use. In this examination we researched the ease of use of password strategies and users' view of password security. We additionally reviewed and examined the patterns practiced by users while producing passwords (Crantor, Hong and Reiter, 2016).

Users are not as mindful of security prerequisites and practices as they think. By far most of users' passwords are breakable within days or shorter. Strikingly, we found that the utilization of numbers and uppercase letters is common among clients. Numbers are generally utilized toward the end of the passwords and uppercase letters are for the most part utilized toward the start of passwords. The presence of such patterns makes it simpler for attackers to create progressively compelling dictionaries. In light of the examination in this investigation, we make suggestions to the IT office to improve the password policy (Shen, 2016).

Keywords: password management; password usability; password security; password behavior; password policies; user password

References

Burr, W.E., Dodson, D.F. and Polk, W.T., 2006. Electronic authentication guideline. National Institute of Standards and Technology [Online] Available at: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-3ver1.0.2.pdf [Accessed: 21 February 2019].

Cranor, L. F., Hong, J., Reiter, M. K. 2016. Supporting Password-Security Decisions with Data. PhD Thesis, Carnegie Mellon University

CSID, 2012. Consumer survey: Password habits a study of password habits among American consumers. Austin, Texas, U.S.A.: Office for White Papers Operated by Exeprian

Das, A., Bonneau, J., Caesar, M., Borisov, N., and Wang, X., 2014. The Tangled Web of Password Reuse. Joseph Bonneau [Online] Available at: http://www.jbonneau.com/doc/DBCBW14-NDSS-tangled_web.pdf [Accessed: 23 February 2019].

Dell'Amico, M., Michiardi, P., and Roudier, Y. 2010. Password strength: An empirical analysis. Proceedings of the IEEE INFOCOM, San Diego, 14-19 March, 2010. CA, USA, pp. 983-991.

Florencio, D. and Herley, C. 2007. A large-scale study of web password habits. Proceedings of the 16th International Conference on the World Wide Web, Banff, 08-12 May, 2007. Alberta, Canada, pp. 657-666.

Furnell, S., Jusoh, A., and Katsabas, D. 2006. The challenges of understanding and using security: a survey of end-users. Computers & Security [Online] 25. Available at: https://www.researchgate.net/publication/223844978_The_challenges_of_understanding_and_using_security_A_survey_of_end-users [Accessed: 29 February 2019].

Gaw, S. and Felten, E.W. 2006. Password management strategies for online accounts. Proceedings of the 2nd Symposium on Usable Privacy and Security. Pittsburgh, 12-14 July, 2006. Pennsylvania, USA, pp. 44-55.

Gehringer, E. 2002. Choosing passwords: security and human factors. International

Symposium on Technology and Society 11(9), pp. 369-373.

Helkala, K.M., and Bakas, T.H. 2013. National password security survey: Results. Proceedings of the European Information Security Multi-Conference. University of Plymouth Press, 8-10 May, 2013. Lisbon, Portugal, pp. 23-33.

Kaspersky. 2016. Kaspersky lab’s secure password check [Online]. Available at: https://password.kaspersky.com/ [Accessed: 3 March 2019]

Kong, H. 2004. Password Memorability and Security : Empirical Results [Online]. Available at: https://prof-jeffyan.github.io/jyan_ieee_pwd.pdf [Accessed: 3 March 2019].

Moscaritolo, A. 2016. Hacker selling 32M twitter accounts on dark web. PC Magazine [Online]. Available at: http://www.pcmag.com/news/345121/hacker-selling-32m-twitter-accounts-on-dark-web

Proctor, R. W. 2002. Improving Computer Security for Authentication of Users: Influence of Proactive Password Restrictions. Behavior Research Methods, Instruments, & Computers 34(2), pp. 163-169.

Schneier, B. 2007. The Psychology of Security [Online]. Available at: http://www.schneier.com/essay-155.html [Accessed 4 March 2019].

Shay, R., Kelley, P. G., Leon, P. G., Mazurek, M. L., Christin, N., and Cranor, L. F. 2010. Encountering Stronger Password Requirements : User Attitudes and Behaviors Categories and Subject Descriptors. Cylab Usable Privacy and Security Laboratory [Online]. Available at: https://cups.cs.cmu.edu/soups/2010/proceedings/a2_shay.pdf [Accessed 5 March 2019].

Shen, C. 2016. User practice in password security: An empirical study of real-life passwords in the wild. Computer Security 61, pp. 130-141.

Stanton, J., Stam, K., Mastrangelo, P., and Jolton, J. 2005. Analysis of end user security behaviors. Computers & Security, 24, pp. 124-133.

Ur, B., Bees, J., Segreti, S. M., Bauer, L., Christin, N., and Cranor, L. F. 2016. Do Users’ Perceptions of Password Security Match Reality? [Online] Available at: https://www.blaseur.com/papers/chi16-pwperceptions.pdf [Accessed 5 March 2019].

Wash, R., Emilee, R., Ruthie, B., & Zac, W. 2016. Understanding password choices: How frequently entered passwords are re-used across websites. Proceedings of Symposium on Usable Privacy and Security (SOUPS). Denver, 22-24 June, 2016. Colorado, U.S.A., pp. 1-15.

Yenisey, M., Ozok, A., and Salvendy, G. 2005. Perceived security determinants in e-commerce among Turkish university students. Behaviour & Information Technology Journal 24(4), pp. 259-274.

Downloads

Download data is not yet available.

Comments & Peer Review

Author's Affiliation

Walid Ali Sulaiman Ali Alothman
Google Scholar

Copyrights & License

Article Details

Issue: Vol. 8 No. 04 (2019)

Page No.: 24586-24602

Section: Articles

DOI: https://doi.org/10.18535/ijecs/v8i04.4304

How to Cite

Alothman, W. A. S. A. (2019). Evaluating Passwords User Behavior and the Psychology of Password Management. International Journal of Engineering and Computer Science, 8(04), 24586–24602. https://doi.org/10.18535/ijecs/v8i04.4304

Download Citation

HTML Viewed - 173 Times
PDF Downloaded - 135 Times

PDF

Downloads

PDF

Evaluating Passwords User Behavior and the Psychology of Password Management

Abstract

References

Downloads

Author's Affiliation

Walid Ali Sulaiman Ali Alothman

Copyrights & License

Article Details

How to Cite

Download Citation

Downloads

Sections

We Recommend