User Behaviours Associated with Password Security and Management

Authors

  • Kay Bryant Griffith University
  • John Campbell University of Canberra

DOI:

https://doi.org/10.3127/ajis.v14i1.9

Keywords:

behaviour, behavior, password, user

Abstract

Control mechanisms established on the boundary of an information system are an important preliminary step to minimising losses from security breaches. The primary function of such controls is to restrict the use of information systems and resources to authorized users. Password-based systems remain the predominant method of user authentication despite the many sophisticated and viable security alternatives that have emerged from research and development. However, the literature shows that passwords are often compromised through the poor security and management practices of users. This paper examines user password composition and security practices for email accounts. The results of a survey that examines user practice in creating and using passwords are reported. The results show that many users know about the risks of hackers, viruses and so on and take preliminary steps to combat them such as having passwords longer than eight characters. However, this appears to be as far as many users are willing to accede to the probability that their information and computing resources can be compromised. This paper makes some recommendations for the education of users in creating and maintaining their passwords. The responsibility for these educational programs can be shared between governments, organisations, educational institutions at all levels, and software vendors.

Downloads

Published

2006-11-01

How to Cite

Bryant, K., & Campbell, J. (2006). User Behaviours Associated with Password Security and Management. Australasian Journal of Information Systems, 14(1). https://doi.org/10.3127/ajis.v14i1.9

Issue

Vol. 14 No. 1 (2006): Theme: Information Systems in Australian Universities

Section

Research Articles

License

AJIS publishes open-access articles distributed under the terms of a Creative Commons Non-Commercial and Attribution License which permits non-commercial use, distribution, and reproduction in any medium, provided the original author and AJIS are credited. All other rights including granting permissions beyond those in the above license remain the property of the author(s).