An Empirical Assessment of Factors Impeding Effective Password Management

Abstract Since passwords are one of the main mechanisms used to protect data and information, it is important to ensure that passwords are managed correctly and that those factors which will have a significant impact on password management are identified and prioritized. Therefore, in order for an information and communication technology (ICT) overall security program to be successful, a security awareness program or component must be included. The aim of this paper is to perform an exploratory study with the objective of introducing certain fundamental causes that may impact password management. Empirical results, followed by a survey as well as the application of several management science techniques are presented.

[1]  Joseph Sarkis,et al.  Quantitative models for performance measurement systems—alternate considerations , 2003 .

[2]  Mark L. Berenson,et al.  Basic Business Statistics : Concepts and Applications , 2007 .

[3]  Herbert J. Mattord,et al.  Readings and Cases in the Management of Information Security , 2005 .

[4]  Charles P. Pfleeger,et al.  Security in computing , 1988 .

[5]  M. Angela Sasse,et al.  Users are not the enemy , 1999, CACM.

[6]  Umit Bititci,et al.  Quantitative models for performance measurement system , 2000 .

[7]  Matt Bishop,et al.  What Is Computer Security? , 2003, IEEE Secur. Priv..

[8]  Steven Furnell,et al.  Authentication and Supervision: A Survey of User Attitudes , 2000, Comput. Secur..

[9]  David M. Levine,et al.  Basic Business Statistics , 1979 .

[10]  Howard B. Lee,et al.  Foundations of Behavioral Research , 1973 .

[11]  Detmar W. Straub,et al.  Validating Instruments in MIS Research , 1989, MIS Q..

[12]  Cheng-Chung Lin,et al.  A study of storage tank accidents , 2006 .

[13]  K. Ishikawa What is total quality control the japanese way , 2002 .

[14]  Elena Maceviciute,et al.  Review of: Oates, Briony J. Researching information systems and computing. London: Sage Publications, 2006 , 2006, Inf. Res..

[15]  Joshua Cook,et al.  Improving password security and memorability to protect personal and organizational information , 2007, Int. J. Hum. Comput. Stud..

[16]  Mark Burnett,et al.  Perfect Passwords: Selection, Protection, Authentication , 2005 .

[17]  Steven Furnell,et al.  An assessment of website password practices , 2007, Comput. Secur..

[18]  Helmut Schneider,et al.  The domino effect of password reuse , 2004, CACM.

[19]  John Campbell,et al.  User Behaviours Associated with Password Security and Management , 2006, Australas. J. Inf. Syst..

[20]  B. J. Oates,et al.  Researching Information Systems and Computing , 2005 .

[21]  A. Darker,et al.  TOTAL QUALITY CONTROL , 1987 .