Addressing misconceptions about password security effectively
2018 (English)In: Proceedings of 7th Workshop on Socio-Technical Aspects in Security and Trust, Orlando, Florida, USA, December 2017 (STAST 2017), Association for Computing Machinery , 2018, p. 1-12Conference paper, Published paper (Refereed)
Abstract [en]
Nowadays, most users need more passwords than they can handle. Consequently, users have developed a multitude of strategies to cope with this situation. Some of these coping strategies are based on misconceptions about password security. In such cases, the users are unaware of their insecure password practices. Addressing the misconceptions is vital in order to decrease insecure coping strategies. We conducted a systematic literature review with the goal to provide an overview of the misconceptions about password security. Our literature review revealed that misconceptions exist in basically all aspects of password security. Furthermore, we developed interventions to address these misconceptions. Then, we evaluated the interventions’ effectiveness in decreasing the misconceptions at three small and medium sized enterprises (SME). Our results show that the interventions decrease the overall prevalence of misconceptions significantly in the participating employees.
Place, publisher, year, edition, pages
Association for Computing Machinery , 2018. p. 1-12
Keywords [en]
Literature review, Misconceptions, Password security, User study, Security systems, Coping strategies, Literature reviews, Small- and medium-sized enterprise, Systematic literature review, Authentication
National Category
Mathematics Computer and Information Sciences
Research subject
Computer Science; Mathematics
Identifiers
URN: urn:nbn:se:kau:diva-71295DOI: 10.1145/3167996.3167998Scopus ID: 2-s2.0-85061043553ISBN: 9781450363570 (print)OAI: oai:DiVA.org:kau-71295DiVA, id: diva2:1290810
Conference
7th Workshop on Socio-Technical Aspects in Security and Trust, STAST 2017 - Co-located with the 2017 Annual Computer Security Applications Conference, ACSAC 2017, 5 December 2017
2019-02-212019-02-212019-05-16Bibliographically approved