Abstract
A quantitative research surveying 390 people with different levels of expertise in computer usage was conducted to understand user behavior from three perspectives: How users make sure that the sites they are using are safe, How users deal with forgotten passwords, How secure is the “security questions”. The finding shows users’ pattern of behavior in checking security when viewing a web application, the way they deal with numerous passwords and retrieval of the forgotten password by using the security question. The research concludes that most people would be able to answer a variety of security questions for other people in their entourage. Users seem to have significantly different behaviors statistically by age group and level of expertise.
Chapter PDF
Similar content being viewed by others
References
Adams, Sasse: Users Are Not the Enemy. Communications of the ACM(1999)
Castelluccia, C.1., De Cristofaro, E., Perito, D.: Private Information Disclosure from Web Searches (The case of Google Web History) (2010), http://planete.inrialpes.fr/~ccastel/PAPERS/historio.pdf (accessed on September 23, 2010)
CIO Council: Guidelines for Secure Use of Social Media by Federal Departments and Agencies, http://www.cio.gov/Documents/Guidelines_for_Secure_Use_Social_Media_v01-0.pdf (accessed on October 21, 2010)
DeAlvare, A.M.: A framework for password selection. In: Proceedings of Unix Security Workshop II, Portland (August 29-30, 1998)
Englert, B., Shah, P.: On the Design and Implementation of a secure Online Password Vault. In: ICHIT 2009, Daejeon, Korea, August 27-29 (2009)
FFIEC, Federal Financial Institutions Examination Council: Authentication in an Internet Banking Environment (2005), accessed on http://www.ffiec.gov/pdf/authentication_guidance.pdf
Forget, A., Biddle, R.: Memorability of Persuasive Passwords. In: CHI 2008 Proceedings, Florence, Italy. ACM, New York (2008) 978-1-60558-012-8/08/2005
Gaw, S., Felten, E.W.: Password Management Strategies for Online Accounts. In: Symposium on Usable Privacy & Security (SOUPS), Pittsburgh, PA, USA, July 12-14 (2006)
Helft, M.: Experts Warn of a Weak Link in the Security of Web Sites New York Times Published on (August 13, 2010), http://www.nytimes.com/2010/08/14/technology/14encrypt.html?_r=1 (accessed on August 23, 2010)
Herley, A.: So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users, Microsoft Research (2010)
Jagatic, T., Johnson, N., et al.: Social Phishing. ACM, New York (2005), http://www.indiana.edu/~phishing/social-network-experiment/phishing-preprint.pdf (accessed on October 21, 2010)
Jones, L.A., Antón, A.I., Earp, J.B.: Towards Understanding User Perceptions of Authentication Technologies. In: WPES 2007, Virginia, USA, October 29 (2007)
Karaca, K., Levi, A.: Towards a Framework for Security Analysis of Multiple Password Schemes. In: EUROSEC 2008, Glasgow, Scotland, March 31 (2008)
Keats, S.: Cashing in on Typos (2007), http://www.mcafee.com/us/security_insights/archived/oct_2008/si_oct5_08.html (accessed on May 19, 2010)
Keats, S.: What’s In A Name: The State of Typo-Squatting (2007), http://www.siteadvisor.com/studies/typo_squatters_nov2007.html (accessed on 05/19/2010)
Naone E: Peeking Into Users’ Web History, Technology Review (April 21, 2010), http://www.technologyreview.com/web/25159/?a=f
Rogers, W.A., Fisk, A.D.: Human Factors, applied cognition and aging. In: Crailk, E.I.M., Salthouse, T.A. (eds.) The Handbook of Aging and Cognition. Lawrence Erlbaum Associates, Mahwah (2000)
Schechte, S.E., Dhamija, R., Ozment, A., Fischer, I.: The Emperor’s New Security Indicators. An evaluation of website authentication and the effect of role playing on usability studies. In: The 2007 IEEE Symposium on Security and Privacy, Oakland, California, May 20-23 (2007), accessed on http://usablesecurity.org/emperor
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Moallem, A. (2011). Did You Forget Your Password?. In: Marcus, A. (eds) Design, User Experience, and Usability. Theory, Methods, Tools and Practice. DUXU 2011. Lecture Notes in Computer Science, vol 6770. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21708-1_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-21708-1_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21707-4
Online ISBN: 978-3-642-21708-1
eBook Packages: Computer ScienceComputer Science (R0)