Improving Compliance with Password Guidelines: How User Perceptions of Passwords and Security Threats Affect Compliance with Guidelines

Author

Mwagwabi, Florence ; McGill, Tanya ; Dixon, Matthew

Author_Institution

Murdoch Univ., Murdoch, WA, Australia

fYear

2014

fDate

6-9 Jan. 2014

Firstpage

3188

Lastpage

3197

Abstract

Passwords have long been the preferred method of user authentication, yet poor password practices cause security issues. The study described in this paper investigates how user perceptions of passwords and security threats affect intended compliance with guidelines and explores how these perceptions might be altered in order to improve compliance. It tests a research model based on protection motivation theory [24]. Two groups of internet users were surveyed, one of which received password security information and an exercise to reinforce it. This study suggests effective ways that trainers or employers can improve compliance with password guidelines. In particular, training programs should aim to enhance IS security coping appraisal. The research model proposed in this study has also been shown to be a useful model for explaining IS security behavioral intentions.

Keywords

authorisation; data protection; IS security behavioral intentions; IS security coping appraisal enhancement; Internet users; compliance improvement; password guidelines; password security information; password threats; protection motivation theory; research model; security threats; training programs; user authentication; user perceptions; Appraisal; Atmospheric measurements; Computer crime; Guidelines; Mathematical model; Particle measurements;

fLanguage

English

Publisher

ieee

Conference_Titel

System Sciences (HICSS), 2014 47th Hawaii International Conference on

Conference_Location

Waikoloa, HI

Type

conf

DOI

10.1109/HICSS.2014.396

Filename

6758997