User Behaviours Associated with Password Security and Management

Kay Bryant, John Campbell

    Research output: Contribution to journal › Article

    Abstract

    Control mechanisms established on the boundary of an information system are an important preliminary step to minimising losses from security breaches. The primary function of such controls is to restrict the use of information systems and resources to authorized users. Password-based systems remain the predominant method of user authentication despite the many sophisticated and viable security alternatives that have emerged from research and development. However, the literature shows that passwords are often compromised through the poor security and management practices of users. This paper examines user password composition and security practices for email accounts. The results of a survey that examines user practice in creating and using passwords are reported. The results show that many users know about the risks of hackers, viruses and so on and take preliminary steps to combat them such as having passwords longer than eight characters. However, this appears to be as far as many users are willing to accede to the probability that their information and computing resources can be compromised. This paper makes some recommendations for the education of users in creating and maintaining their passwords. The responsibility for these educational programs can be shared between governments, organisations, educational institutions at all levels, and software vendors.
    Original language: English
    Pages (from-to): 81-100
    Number of pages: 20
    Journal: Australasian Journal of Information Systems
    Volume: 14
    Issue number: 1
    DOI: 10.3127/ajis.v14i1.9
    Publication status: Published - 2006

    Fingerprint

    Information systems
    Electronic mail
    Viruses
    Authentication
    Education
    Chemical analysis
    User behavior

    Cite this

    Bryant, Kay ; Campbell, John. / User Behaviours Associated with Password Security and Management. In: Australasian Journal of Information Systems. 2006 ; Vol. 14, No. 1. pp. 81-100.
    @article{47af7872d7cc448f94af27c735da4118,
    title = "User Behaviours Associated with Password Security and Management",
    author = "Kay Bryant and John Campbell",
    year = "2006",
    doi = "10.3127/ajis.v14i1.9",
    language = "English",
    volume = "14",
    pages = "81--100",
    journal = "Australasian Journal of Information Systems",
    issn = "1039-7841",
    publisher = "UQ Business School, The University of Queensland",
    number = "1",

    }
