User Behaviours Associated with Password Security and Management

Kay Bryant, John Campbell

    Research output: Contribution to journalArticlepeer-review

    68 Downloads (Pure)


    Control mechanisms established on the boundary of an information system are an important preliminary step to minimising losses from security breaches. The primary function of such controls is to restrict the use of information systems and resources to authorized users. Password-based systems remain the predominant method of user authentication despite the many sophisticated and viable security alternatives that have emerged from research and development. However, the literature shows that passwords are often compromised through the poor security and management practices of users. This paper examines user password composition and security practices for email accounts. The results of a survey that examines user practice in creating and using passwords are reported. The results show that many users know about the risks of hackers, viruses and so on and take preliminary steps to combat them such as having passwords longer than eight characters. However, this appears to be as far as many users are willing to accede to the probability that their information and computing resources can be compromised. This paper makes some recommendations for the education of users in creating and maintaining their passwords. The responsibility for these educational programs can be shared between governments, organisations, educational institutions at all levels, and software vendors.
    Original languageEnglish
    Pages (from-to)81-100
    Number of pages20
    JournalAustralasian Journal of Information Systems
    Issue number1
    Publication statusPublished - 2006


    Dive into the research topics of 'User Behaviours Associated with Password Security and Management'. Together they form a unique fingerprint.

    Cite this