Investigating Children's Passwords using a Game-based Survey

Lamichhane, Dev Raj; Read, Janet C.

doi:10.1145/3078072.3084333

Cited by 15 publications

(11 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their understanding of what makes a strong password, the importance of unique passwords, and the necessary steps required once discovering an account breach was surprisingly accurate across participants and across focus groups. This is particularly surprising given previous work suggesting that this age group have a poor understanding of password composition and management [8,19,21], but does support more recent work [7] as well as being in line with research looking at children's understanding of privacy risks [40]. However, as foreshadowed by our quantitative findings, their knowledge and understanding of tools that could support these behaviours was lacking.…”

Section: Knowledge and Behaviourssupporting

confidence: 70%

“…They observed that children created simple passwords containing their personal information such as name or age and believe that their passwords would be hard for a stranger to guess, and generally showed poor understanding of how passwords should be created. Similarly, other researchers have observed that children create passwords containing whole words and personal information and have trouble recalling long and complex passwords compared to simple ones [19]. Other work [9] has observed that 6-12 year olds are not necessarily better with graphical passwordsalternatives to passwords which have traditionally been considered easier to use for certain populations [24].…”

Section: Related Workmentioning

confidence: 96%

See 1 more Smart Citation

Understanding Young People's Experiences of Cybersecurity

Nicholson

Terry

Beckett

et al. 2021

Proceedings of the 2021 European Symposium on Usable Security

View full text Add to dashboard Cite

Young people are increasingly becoming responsible for the security of their devices, yet do not appear to have the knowledge to protect themselves online. In this paper, we explore young people's knowledge of cybersecurity through a series of workshops with secondary school children, and co-design cybersecurity lessons aimed at engaging this demographic. We find that technical demonstrations are an effective way of engaging young people's curiosity in the subject, and that group activities aimed at exploring the subject are preferred methods. We also find that while knowledgeable about cybersecurity theory (e.g. passwords), their actual behaviours did not reflect best practice. We discuss the role of schools in cybersecurity education and how to best embed this content in the curriculum to maximise the engagement of students, including a focus on teaching about cybersecurity protective tools.CCS CONCEPTS • Security and privacy ~ Human and societal aspects of security and privacy ~ Social aspects of security and privacy.

show abstract

Section: Knowledge and Behaviourssupporting

confidence: 70%

Section: Related Workmentioning

confidence: 96%

Understanding Young People's Experiences of Cybersecurity

Nicholson

Terry

Beckett

et al. 2021

Proceedings of the 2021 European Symposium on Usable Security

View full text Add to dashboard Cite

show abstract

“…They observed that children create simple passwords containing their personal information such as name or age and believe that their passwords would be hard for a stranger to guess. Similarly, other researchers have observed that children create passwords containing whole words and personal information and have trouble recalling long and complex passwords compared to simple ones [33], [34]. Another work [35] has observed that 6-12 year olds are not necessarily better with graphical passwordsalternatives to passwords which have traditionally been considered easier to use for certain populations [36].…”

Section: Cybersecurity Children and Teenagersmentioning

confidence: 95%

Investigating Teenagers’ Ability to Detect Phishing Messages

Nicholson

Javed

Dixon

et al. 2020

2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

Investigating Teenagers' Ability to Detect Phishing Messages line 1: 1st Given Name Surname line 2: dept. name of organization (of Affiliation) line 3: name of organization (of Affiliation) line 4: City, Country line 5: email address or ORCID line 1: 2nd Given Name Surname line 2: dept. name of organization (of Affiliation) line 3: name of organization (of Affiliation) line 4: City, Country line 5: email address or ORCID line 1: 3rd Given Name Surname line 2: dept. name of organization (of Affiliation) line 3: name of organization

show abstract

“…Table II summarizes the range of reports we analysed. Despite several of the retrieved papers considering new authentication methods, only four empirical studies were found which used children as participants in the development or evaluation of child-specific authentication [71], [16], [18], [54]. Of these, only Coggins [17] reported conducting a pre-study measure of the children's knowledge and experience of passwords.…”

Section: Systematic Literature Reviewmentioning

confidence: 99%

Case Study – Exploring Children’s Password Knowledge and Practices

Choong

Theofanos

Renaud³

et al. 2019

Proceedings 2019 Workshop on Usable Security

View full text Add to dashboard Cite

Children use technology from a very young age, and often have to authenticate themselves. Yet very little attention has been paid to designing authentication specifically for this particular target group. The usual practice is to deploy the ubiquitous password, and this might well be a suboptimal choice. Designing authentication for children requires acknowledgement of child-specific developmental challenges related to literacy, cognitive abilities and differing developmental stages. Understanding the current state of play is essential, to deliver insights that can inform the development of child-centred authentication mechanisms and processes. We carried out a systematic literature review of all research related to children and authentication since 2000. A distinct research gap emerged from the analysis. Thus, we designed and administered a survey to school children in the United States (US), so as to gain insights into their current password usage and behaviors. This paper reports preliminary results from a case study of 189 children (part of a much larger research effort). The findings highlight age-related differences in children's password understanding and practices. We also discovered that children confuse concepts of safety and security. We conclude by suggesting directions for future research. This paper reports on work in progress. We searched through the following databases: Google Scholar 1 , ACM, DBLP, IEEEXPlore, ScienceDirect and SpringerLink, http://worldcat.org PhD Theses, Educational literature: ERIC-Dept. of Education (Eric.ed.gov), Popular Press: Google News. We started off with Google Scholar and then augmented the list with articles from the other databases.

show abstract

Investigating Children's Passwords using a Game-based Survey

Cited by 15 publications

References 6 publications

Understanding Young People's Experiences of Cybersecurity

Understanding Young People's Experiences of Cybersecurity

Investigating Teenagers’ Ability to Detect Phishing Messages

Case Study – Exploring Children’s Password Knowledge and Practices

Contact Info

Product

Resources

About