20,807 research outputs found
Understanding user behavior towards passwords through acceptance and use modelling
The security of computer systems that store our data is a major issue facing the world. This research project investigated the roles of ease of use, facilitating conditions, intention to use passwords securely, experience and age on usage of passwords, using a model based on the Unified Theory of Acceptance and Use of technology. Data was collected via an online survey of computer users, and analyzed using PLS. The results show there is a significant relationship between ease of use of passwords, intention to use them securely and the secure usage of passwords. Despite expectations, facilitating conditions only had a weak impact on intention to use passwords securely and did not influence actual secure usage. Computing experience was found to have an effect on intention to use passwords securely, but age did not. The results of this research lend themselves to assisting in policy design and better understanding user behavior
Users are not the enemy
Many system security departments treat users as a security risk to be controlled. The general consensus is that most users are careless and unmotivated when it comes to system security. In a recent study, we found that users may indeed compromise computer security mechanisms, such as password authentication, both knowing and unknowingly. A closer analysis, however, revealed that such behavior is often caused by the way in which security mechanisms are implemented, and users â lack of knowledge. We argue that to change this state of affairs, security departments need to communicate more with users, and adopt a user-centered design approach
Usable Security: Why Do We Need It? How Do We Get It?
Security experts frequently refer to people as âthe weakest link in the chainâ of system
security. Famed hacker Kevin Mitnick revealed that he hardly ever cracked a password,
because it âwas easier to dupe people into revealing itâ by employing a range of social
engineering techniques. Often, such failures are attributed to usersâ carelessness and
ignorance. However, more enlightened researchers have pointed out that current security
tools are simply too complex for many users, and they have made efforts to improve
user interfaces to security tools. In this chapter, we aim to broaden the current perspective,
focusing on the usability of security tools (or products) and the process of designing
secure systems for the real-world context (the panorama) in which they have to operate.
Here we demonstrate how current human factors knowledge and user-centered design
principles can help security designers produce security solutions that are effective in practice
- âŠ