Persuasive password security

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Persuasive password security

Full text

Pdf (183 KB)

Source

Conference on Human Factors in Computing Systems archive
CHI '01 extended abstracts on Human factors in computing systems table of contents

Seattle, Washington

POSTER SESSION: Interactive posters: working in offices table of contents

Pages: 139 - 140

Year of Publication: 2001

ISBN:1-58113-340-5

Authors

Dirk Weirich	University College London, UK - London
Martina Angela Sasse	University College London, UK - London

Sponsor

SIGCHI: ACM Special Interest Group on Computer-Human Interaction

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 11, Downloads (12 Months): 56, Citation Count: 3

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/634067.634152 What is a DOI?

ABSTRACT

Users of password-protected systems have to be persuaded to follow certain regulations to keep systems secure. This paper describes the results of a first study of the mental models, metaphors, attitudes and skills users hold with respect to password mechanisms. It shows that users are currently not motivated to adopt proper password practices. They do not believe that they ultimately can stop somebody from getting into the system, or that somebody getting in could cause them any serious personal harm. We recommend a novel approach to the design of training and online support, which is based on an appropriate use of fear appeals.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Schneier, B. Secrets and Lies. John Wiley & Sons (2000)..
	2	Anne Adams , Martina Angela Sasse, Users are not the enemy, Communications of the ACM, v.42 n.12, p.40-46, Dec. 1999 [doi>10.1145/322796.322806]
	3	Whitten, A. and Tygar, J. D. Why Johnny can't encrypt: A usability evaluation of PGP 5.0. 8th USENIX security composium (Washington, August 1999).
	4	Potter, J. and Wetherell, M. Discourse and social psychology. Sage Publications Ltd (London, 1987).
	5	Rimmer, J., Wakeman, I., Sheeran, L.,Sasse, M. A. Examining users' repertoire of Internet applications. In Sasse, M. A. and Johnson, C. (Eds.): Human-Computer Interaction - INTERACT '99(1999).
	6	Rogers, R. W. Cognitive and physiological processes in fear appeals and attitude change: A revised theory of protection motivation. In Cacioppo, J. and Petty, R. (Eds.): Social Psychophysiology. Guilford Press (NY, 1983).

CITED BY 3

	Jens Riegelsberger , M. Angela Sasse , John D. McCarthy, The researcher's dilemma: evaluating trust in computer-mediated communication, International Journal of Human-Computer Studies, v.58 n.6, p.759-781, June 2003
	Shirley Gaw , Edward W. Felten , Patricia Fernandez-Kelly, Secrecy, flagging, and paranoia: adoption criteria in encrypted email, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada
	Shirley Gaw , Edward W. Felten, Password management strategies for online accounts, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania