Title :
Towards designing effective security messages: Persuasive password guidelines
Author :
Zakaria, Nor Hawaniah ; Katuk, Norliza
Author_Institution :
Sch. of Comput. Sci., Univ. Utara Malaysia, Sintok, Malaysia
Abstract :
The current state of information security compliance in workplaces is deteriorating. In many cases human factors were attributed as the cause of the problem. Humans are well known as the weakest link in the security chain. Commonly, end-users will depend on security messages when confronted with security-related decision making. Most of the time, end-users will try their best to make sense of unclear instructions in order to cope with situations. This indicates the way security messages are presented is of utmost importance. However, research focusing on designing effective security messages is quite limited. This paper presents research in progress, towards designing effective security messages focusing on passwords guidelines. Our initial review indicated the lack of persuasive elements in the current password guidelines may lead to unmotivated behaviour of producing good (strong) passwords. This paper also includes initial results obtained from pilot study which reveal promising results supporting the usage of persuasion strategies to improve the current state information security compliance.
Keywords :
human factors; security of data; human factors; information security compliance; persuasion strategies; persuasive elements; persuasive password guidelines; security chain; security messages; security-related decision making; Cognition; Entropy; Guidelines; Information security; Technological innovation; Information security compliance; password guidelines; persuasion; security messages;
Conference_Titel :
Research and Innovation in Information Systems (ICRIIS), 2013 International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4799-2486-8
DOI :
10.1109/ICRIIS.2013.6716697
