Password security &amp;#x2014; No change in 35 years?

Taneski, Viktor; Heričko, Marjan; Brumen, Boštjan

doi:10.1109/mipro.2014.6859779

Cited by 35 publications

(16 citation statements)

References 57 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Research about the role of users related to information security is still rare, while previous studies usually focus on the password as the first line of defence in most information systems. Studies have shown that despite the recommendations on the password selection, users still tend to select those passwords that are simple and easy to remember or those concerning their personal data [20]. Despite the training, users still have the habit to share their passwords with their colleagues, write them in a visible place, or do not change them for a long time, which confirms that the user behaviour is a very common problem in the field of security and that education is still necessary [21].…”

Section: Literature Overviewmentioning

confidence: 99%

Information security

Erceg

2019

Teh. glas. (Online)

View full text Add to dashboard Cite

Information security inside the organization is becoming a major issue in the modern and global world. Information accessibility and security are a major issue where user behaviour plays an important role. Information security user behaviour is becoming an increasing threat to their organization information security. Since the organization is investing in and implementing information security systems, the issue of employees’ behaviour has become increasingly important. This paper aims to show how workers treat information security and is looking upon so called “people problem”. In the research, the personal behaviour of health care professionals and workers in a Croatian production company in relation to information security was tested. Results have shown that the overall behaviour of respondents in production company is more responsible and security awareness with proper use of passwords is associated with knowledge about the importance of security application in their work. Further research is recommended.

show abstract

Section: Literature Overviewmentioning

confidence: 99%

Information security

Erceg

2019

Teh. glas. (Online)

View full text Add to dashboard Cite

show abstract

“…Viktor Taneski et al [12] conducted a systematic literature review of articles and journals about password use and password security. The researchers [12] suggested different password setting policies and password checkers to guide users for setting strong passwords. Password meters [13] are used in some websites for informing users about the strength of the passwords.…”

Section: Related Workmentioning

confidence: 99%

Enhanced Textual Password Scheme for Better Security and Memorability

Bhanbhro¹,

Nizamani²,

Hassan³

et al. 2018

ijacsa

View full text Add to dashboard Cite

Traditional textual password scheme provides a large number of password combinations but users generally use a small portion of available password space. Complex textual passwords are difficult to remember, therefore most users choose passwords with small length and contain dictionary words. Due to the use of small password length and dictionary words, textual passwords become easy to crack through offline guessability attacks. Traditional textual passwords scheme is also weak against keystroke logger attacks because alphanumeric characters are directly inserted into the password field. In this paper, enhancements are proposed in the registration and login screen of the traditional textual password scheme for improving security against offline guessability attacks and keystroke logger attacks. The proposed registration screen also improve memorability of traditional textual passwords through visual cues or patternbased approach. In the proposed login screen, passwords are indirectly inserted into the password field, to resist keystroke logger attacks. A comparative analysis between the passwords created in traditional and proposed pattern-based approach is presented. The testing results show that users create strong and high entropy passwords in the proposed pattern-based approach as compared to the traditional textual passwords approach.

show abstract

“…Research on passwords has been active for almost 35 years [3]. Zviran and Haga [2] in their paper on password security investigated in more details the characteristics of user-selected passwords and the relationships between key password characteristics.…”

Section: Related Workmentioning

confidence: 99%

“…Many approaches and solutions, for increasing the security and usability of textual passwords, were proposed through the years but none have proven widely acceptable [3]. Users and their textual passwords are still considered "the weakest link", because they still tend to choose weak passwords and passwords that can be found in a dictionary [4], use a very small number of passwords and are likely to use words that are familiar to them as their passwords [5].…”

Section: Introductionmentioning

confidence: 99%

Impact of security education on password change

Taneski

Heričko

Brumen

2015

2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)

Self Cite

View full text Add to dashboard Cite

Users and their passwords are the weakest link of security, because they tend to create passwords that are not strong, easy to remember and contain words that are familiar to them. Users' lack of security consciousness and their behavior can be influenced by security education. Our research explores the effect of password security training on the strength of the passwords chosen by the users. The objective of this paper is to explore possible differences in the quality of passwords between students from different faculties with different foreknowledge and education about passwords and security. In this paper we analyze the passwords of the students from the Faculty of Tourism and compare the results to the ones from the Faculty of electrical engineering and computer science at the University of Maribor. We collected the data by means of an online questionnaire, performed among undergraduate and graduate students. Despite our efforts to educate the users about the importance of frequent password change, a large percent of users did not change their passwords following the lectures. The overall conclusion of this preliminary study is that users still lack security knowledge regarding password change and need to be further educated in this direction.I.

show abstract

Password security — No change in 35 years?

Cited by 35 publications

References 57 publications

Information security

Information security

Enhanced Textual Password Scheme for Better Security and Memorability

Impact of security education on password change

Contact Info

Product

Resources

About