On The Systematic Development and Evaluation Of Password Security Awareness-Raising Materials
Mayer, Peter
1; Schwartz, Christian; Volkamer, Melanie 1
1 Karlsruher Institut für Technologie (KIT)
1; Schwartz, Christian; Volkamer, Melanie 11 Karlsruher Institut für Technologie (KIT)
Abstract:
Text passwords play an important role in protecting the assets of organisations. Thus, it is of the essence, that employees are well aware of possible attacks and defences. To that end, we developed a password security awareness-raising material in a systematic iterative process: The material is based on the literature on password security, feedback of independent experts, and feedback of lay-users. It was evaluated in the field with employees of three organisations. Our results show that the participating employees improved their abilities to (1) discern secure from insecure password-related behaviour in a variety of scenarios relating to different attacks and (2) assess passwords as secure or insecure. These improved abilities of the participants were still present in a retention after six months. Thus, the developed awareness-raising material contributes to improving the password-related security in organisations.
| Zugehörige Institution(en) am KIT | Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB) Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL) |
| Publikationstyp | Proceedingsbeitrag |
| Publikationsjahr | 2018 |
| Sprache | Englisch |
| Identifikator | ISBN: 978-1-4503-6569-7 KITopen-ID: 1000086098 |
| Erschienen in | ACSAC '18 Proceedings of the 34th Annual Computer Security Applications Conference, San Juan, PR, USA — December 03 - 07, 2018 |
| Verlag | Association for Computing Machinery (ACM) |
| Seiten | 733-748 |
| Schlagwörter | Passwords, Usable Security, Awareness, User Study |
| Nachgewiesen in | Scopus Dimensions |
| Relationen in KITopen |