Password policies vs. usability: when do users go "bananas"?
Dillon, Roberto, Chawla, Shailey, Hristova, Dayana, Gobl, Barbara, and Jovicic, Suzana (2020) Password policies vs. usability: when do users go "bananas"? In: Proceedings of the IEEE 19th International Conference on Trust, Security and Privacy in Computing. pp. 148-153. From: TrustCom 2020: IEEE 19th International Conference on Trust, Security and Privacy in Computing, 29 December 2020 - 1 January 2021, Guangzhou, China.
PDF (Accepted Publisher Version)
- Published Version
Restricted to Repository staff only |
Abstract
To grant password security, it is still a common practice to request users to comply with a number of rules that need to be met for the resulting password to be valid. Users have no option but to comply with the rules, but is there a specific point where the required rules start being perceived as a nuisance and thus jeopardize security? This paper addresses users’ reactions to such a scenario by means of an online survey (N=51) where users are being asked to create a password following an increasing number of restrictions. We thereby follow their evolving responses as each further criterion is added. Our analysis confirms that the increase in rule complexity has detrimental effects on usability and can lead to workarounds potentially compromising password security.
Item ID: | 64572 |
---|---|
Item Type: | Conference Item (Research - E1) |
ISBN: | 978-0-7381-4380-4 |
Keywords: | Computer Authentication, Computer Security, Security Management |
Related URLs: | |
Copyright Information: | (C) IEEE |
Date Deposited: | 20 Jan 2021 00:07 |
FoR Codes: | 46 INFORMATION AND COMPUTING SCIENCES > 4699 Other information and computing sciences > 469999 Other information and computing sciences not elsewhere classified @ 80% 52 PSYCHOLOGY > 5205 Social and personality psychology > 520505 Social psychology @ 20% |
SEO Codes: | 97 EXPANDING KNOWLEDGE > 970110 Expanding Knowledge in Technology @ 100% |
Downloads: |
Total: 5 |
More Statistics |