Despite an abundance of policies being directed towards them, users often struggle to follow good cybersecurity practice. Recognizing that such behaviors do not come naturally, a logical approach is to ensure that users are guided and supported in knowing what to do and how to do it. Unfortunately, such support is often lacking. The paper uses the example of password authentication as a specific context in which cybersecurity behavior is frequently criticized, but where users are often left to manage without sufficient support (as evidenced by examining the lack of related guidance and enforcement of good practice on leading websites). The discussion then proceeds to look at the effect of actively supporting the user, drawing upon the re...
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for...
Information security embodies the complex interaction between security policies, user perceptions of...
To date, system research has focused on designing security mechanisms to protect systems access alth...
Despite an abundance of policies being directed towards them, users often struggle to follow good cy...
Despite an abundance of policies being directed towards them, users often struggle to follow good cy...
Password authentication remains the dominant form of user authentication for online systems. As such...
Information is considered a valuable asset to most organisations and is often exposed to various thr...
Control mechanisms established on the boundary of an information system are an important preliminary...
Usernames and passwords form the most widely used method of user authentication on the Internet. Yet...
Passwords are our primary form of authentication. Yet passwords are a major vulnerability for compu...
Passwords are a critical part of information and network security. Passwords serve as primary authen...
An organization that gives users access to computing resources via a password mechanism needs to ens...
Well-intentioned decisions---even ones intended to improve aggregate security--- may inadvertently j...
The human is frequently referred to as the weakest link of security. Employees who engage in behavio...
Maintaining the security of information systems and associated data resources is vital if an organis...
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for...
Information security embodies the complex interaction between security policies, user perceptions of...
To date, system research has focused on designing security mechanisms to protect systems access alth...
Despite an abundance of policies being directed towards them, users often struggle to follow good cy...
Despite an abundance of policies being directed towards them, users often struggle to follow good cy...
Password authentication remains the dominant form of user authentication for online systems. As such...
Information is considered a valuable asset to most organisations and is often exposed to various thr...
Control mechanisms established on the boundary of an information system are an important preliminary...
Usernames and passwords form the most widely used method of user authentication on the Internet. Yet...
Passwords are our primary form of authentication. Yet passwords are a major vulnerability for compu...
Passwords are a critical part of information and network security. Passwords serve as primary authen...
An organization that gives users access to computing resources via a password mechanism needs to ens...
Well-intentioned decisions---even ones intended to improve aggregate security--- may inadvertently j...
The human is frequently referred to as the weakest link of security. Employees who engage in behavio...
Maintaining the security of information systems and associated data resources is vital if an organis...
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for...
Information security embodies the complex interaction between security policies, user perceptions of...
To date, system research has focused on designing security mechanisms to protect systems access alth...