Some password users are more equal than others: Towards customisation of online security initiatives
Butler, Rika Butler, Martin
Butler, Rika
Butler, Martin
Citations
Altmetric:
Publication Type
Journal article with impact factor
Editor
Supervisor
Publication Year
2018
Journal
South African Journal of Information Management
Book
Publication Volume
20
Publication Issue
1
Publication Begin page
Publication End page
Publication Number of pages
Collections
Abstract
Background: Online security is a growing concern and user authentication through passwords remains an important mechanism to protect online assets. Research to date has highlighted the need to address human behaviour but without an indication of where the emphasis of security education, training and awareness (SETA) initiatives should be, beyond improved password practices. Objectives: The aim of this study was to, through analysis of the password behaviour of South African online consumers: (1) understand the prevalence of poor password practices among consumers overall and (2) identify specific password deficiencies prevalent among different demographic groups to be focus areas for tailored intervention programmes. Method: The study uses a quantitative research approach. An online survey was used to gather demographic data, perceptions about online security and applied password practices. A sample of 737 valid responses was analysed for this research. Results: Based on the descriptive analysis of the responses three key observations were made. Firstly, there is a distinct difference in the incidence of poor password practices for all respondents and thus support for tailored interventions. Secondly, there are variances between the practices within different demographic groups that could be used for customisation of interventions. Finally, the different poor practices cannot be uniquely attributed to one particular set of demographics. Conclusion: The study concluded that to improve computer password security in South Africa, password SETA programmes should be customised for areas where individual needs exist and not merely per password practice or demographic group.
Research Projects
Organizational Units
Journal Issue
Keywords
Passwords, Computer Security, Online, Education, Training, Awareness