Evaluating Passwords User Behavior and the Psychology of Password Management
Regardless of how sophisticated an organization's security system is, it remains vulnerable because of the human factor. Text-based passwords are commonly used for authentication in computing environments. Although passwords are considered the first line of defense for users, they remain easy to compromise. To improve the security of systems, various password composition policies are adopted. These policies ensure that users are made to choose strong passwords that help prevent online breaches and data leaks. However, they also make passwords hard to memorize and recall, reducing overall usability. In this study we investigated the usability of password policies and users' perceptions of password security. We also surveyed and analyzed the patterns users follow when creating passwords (Cranor, Hong and Reiter, 2016).
Users are not as aware of security requirements and practices as they think. The vast majority of users' passwords are breakable within days or less. Notably, we found that the use of numbers and uppercase letters is common among users. Numbers are mostly used at the end of passwords and uppercase letters are mostly used at the beginning. The presence of such patterns makes it easier for attackers to build more effective dictionaries. Based on the analysis in this study, we make recommendations to the IT department to improve the password policy (Shen, 2016).
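The placement habits described above can be checked at the moment a user sets a new password, where a composition policy alone would accept them. The following is an added example, not part of the original essay; the composition policy, the rejection rule, the function names and the sample passwords are assumptions constructed for illustration.

```python
# Assumed composition policy (not from the essay): length >= 8 with at
# least one uppercase letter, one lowercase letter and one digit.
def meets_composition_policy(pw: str) -> bool:
    return (len(pw) >= 8
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw))


def predictable_placements(pw: str) -> list:
    """Return the placement habits from the study that this password shows."""
    findings = []
    uppers = [i for i, c in enumerate(pw) if c.isupper()]
    digits = [i for i, c in enumerate(pw) if c.isdigit()]
    # Habit 1: the only uppercase letter is the first character.
    if uppers == [0]:
        findings.append("uppercase-only-at-start")
    # Habit 2: every digit sits in one contiguous run at the very end.
    if digits and digits == list(range(len(pw) - len(digits), len(pw))):
        findings.append("digits-only-at-end")
    return findings


def review(pw: str) -> dict:
    """Evaluate a candidate password at change time (plaintext is available)."""
    policy_ok = meets_composition_policy(pw)
    habits = predictable_placements(pw)
    # Assumed rule: reject when both habits occur together, because the
    # password then satisfies the policy only through predictable placement.
    return {"policy_ok": policy_ok,
            "habits": habits,
            "accept": policy_ok and len(habits) < 2}


# Constructed candidates, for illustration only.
SAMPLES = ["Sunshine12", "Welcome2019", "riVer7stone4Moss", "password"]

if __name__ == "__main__":
    for candidate in SAMPLES:
        print(candidate, review(candidate))
```

The first two samples satisfy the composition policy yet are rejected, which is the gap between policy compliance and actual strength that the study points to.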
Burr, W.E., Dodson, D.F. and Polk, W.T., 2006. Electronic authentication guideline. National Institute of Standards and Technology [Online] Available at: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-3ver1.0.2.pdf [Accessed: 21 February 2019].
Cranor, L. F., Hong, J., Reiter, M. K. 2016. Supporting Password-Security Decisions with Data. PhD Thesis, Carnegie Mellon University
CSID, 2012. Consumer survey: Password habits a study of password habits among American consumers. Austin, Texas, U.S.A.: Office for White Papers Operated by Experian
Das, A., Bonneau, J., Caesar, M., Borisov, N., and Wang, X., 2014. The Tangled Web of Password Reuse. Joseph Bonneau [Online] Available at: http://www.jbonneau.com/doc/DBCBW14-NDSS-tangled_web.pdf [Accessed: 23 February 2019].
Dell'Amico, M., Michiardi, P., and Roudier, Y. 2010. Password strength: An empirical analysis. Proceedings of the IEEE INFOCOM, San Diego, 14-19 March, 2010. CA, USA, pp. 983-991.
Florencio, D. and Herley, C. 2007. A large-scale study of web password habits. Proceedings of the 16th International Conference on the World Wide Web, Banff, 08-12 May, 2007. Alberta, Canada, pp. 657-666.
Furnell, S., Jusoh, A., and Katsabas, D. 2006. The challenges of understanding and using security: a survey of end-users. Computers & Security [Online] 25. Available at: https://www.researchgate.net/publication/223844978_The_challenges_of_understanding_and_using_security_A_survey_of_end-users [Accessed: 29 February 2019].
Gaw, S. and Felten, E.W. 2006. Password management strategies for online accounts. Proceedings of the 2nd Symposium on Usable Privacy and Security. Pittsburgh, 12-14 July, 2006. Pennsylvania, USA, pp. 44-55.
Gehringer, E. 2002. Choosing passwords: security and human factors. International Symposium on Technology and Society 11(9), pp. 369-373.
Helkala, K.M., and Bakas, T.H. 2013. National password security survey: Results. Proceedings of the European Information Security Multi-Conference. University of Plymouth Press, 8-10 May, 2013. Lisbon, Portugal, pp. 23-33.
Kaspersky. 2016. Kaspersky lab’s secure password check [Online]. Available at: https://password.kaspersky.com/ [Accessed: 3 March 2019]
Kong, H. 2004. Password Memorability and Security: Empirical Results [Online]. Available at: https://prof-jeffyan.github.io/jyan_ieee_pwd.pdf [Accessed: 3 March 2019].
Moscaritolo, A. 2016. Hacker selling 32M twitter accounts on dark web. PC Magazine [Online]. Available at: http://www.pcmag.com/news/345121/hacker-selling-32m-twitter-accounts-on-dark-web
Proctor, R. W. 2002. Improving Computer Security for Authentication of Users: Influence of Proactive Password Restrictions. Behavior Research Methods, Instruments, & Computers 34(2), pp. 163-169.
Schneier, B. 2007. The Psychology of Security [Online]. Available at: http://www.schneier.com/essay-155.html [Accessed 4 March 2019].
Shay, R., Kelley, P. G., Leon, P. G., Mazurek, M. L., Christin, N., and Cranor, L. F. 2010. Encountering Stronger Password Requirements: User Attitudes and Behaviors Categories and Subject Descriptors. Cylab Usable Privacy and Security Laboratory [Online]. Available at: https://cups.cs.cmu.edu/soups/2010/proceedings/a2_shay.pdf [Accessed 5 March 2019].
Shen, C. 2016. User practice in password security: An empirical study of real-life passwords in the wild. Computer Security 61, pp. 130-141.
Stanton, J., Stam, K., Mastrangelo, P., and Jolton, J. 2005. Analysis of end user security behaviors. Computers & Security, 24, pp. 124-133.
Ur, B., Bees, J., Segreti, S. M., Bauer, L., Christin, N., and Cranor, L. F. 2016. Do Users’ Perceptions of Password Security Match Reality? [Online] Available at: https://www.blaseur.com/papers/chi16-pwperceptions.pdf [Accessed 5 March 2019].
Wash, R., Emilee, R., Ruthie, B., & Zac, W. 2016. Understanding password choices: How frequently entered passwords are re-used across websites. Proceedings of Symposium on Usable Privacy and Security (SOUPS). Denver, 22-24 June, 2016. Colorado, U.S.A., pp. 1-15.
Yenisey, M., Ozok, A., and Salvendy, G. 2005. Perceived security determinants in e-commerce among Turkish university students. Behaviour & Information Technology Journal 24(4), pp. 259-274.