Lösenordsovanor – åldersrelaterat? / Password obsolete – age related?

Andersson, Sandra

January 2019

This study aimed primarily at investigating if the role of age was important regarding password management and password habits of different users. Despite extensive research in password management, the problem remains that users create insecure passwords, leaving personal information and systems vulnerable to attackers. In order to examine users’ different password habits in different age categories, a multi-strategy study was conducted, which consisted of two methods, with both a questionnaire and interviews. The areas discussed in the study were whether the age was important on the user's password habits and the knowledge different users had about attacker's different methods. The study also discusses how the user thought about the creation of passwords in comparison with recommendations from existing studies of how a secure password is created and how the user remembered their password. The results of the surveys show no correlation between the user's age and password habits. However, a possible solution to the problem is finally discussed, as both previous studies and this study proves users today lack knowledge of secure passwords and lack of password habits.

passwords

password management

password habits

differences in password habits

age differences

password authentication

password knowledge

Computer and Information Sciences

Data- och informationsvetenskap

User Perception of their Password Habits in Terms of Security, Memorability, and Usability

Florestedt, Louise, Andersson, Malin

January 2024

In an era where digital security concerns are paramount, understanding users' behaviors and attitudes towards password management is crucial. This research examines users' perception of their password habits in terms of security, memorability, and usability. The study encompasses a comprehensive survey and interviews conducted with individuals across various professional backgrounds and age groups. A total of 87 online users responded to the questionnaire and ten individuals were interviewed to gather more in-depth data. The study aimed to understand how users perceive the trade-offs between security, memorability, and usability in their password habits and what factors influence their choices in creating and managing passwords. The findings reveal nuanced insights into users' password practices. While users acknowledge the importance of security, they often prioritize memorability and usability over stringent security measures. Factors such as convenience, familiarity, and personal preferences significantly influence password creation and management. Despite being aware of security risks associated with weak passwords and password reuse, users commonly engage in these practices due to the challenges posed by complex password requirements and the sheer volume of passwords needed for various accounts. Overall, this research underscores the importance of understanding users' perspectives on password habits to develop more effective strategies for promoting password security. By bridging the gap between user behavior and security policies, organizations may be able to tailor interventions that align with user preferences, thereby fostering a more secure online environment.

Information Security

Passwords

Password Security

Memorability

Usability

Password Habits

Information Systems

Lösenordshantering : Är lösenordspolicyn i en verksamhet tillräcklig för att de anställda ska bedriva säker lösenordshantering enligt ISO-standarder?

Soliman, Galal

January 2018

Lösenord är en viktig del av informationssäkerhet och fungerar som primär autentiseringsmetod för att skydda användarkonton.  Syftet med denna studie är att ta reda på hur väl en verksamhets anställda följer verksamhetens lösenordspolicy och undersöka om lösenordshanteringen sker på ett accepterat och godkänt sätt utifrån ett säkerhetsperspektiv i enlighet med ISO-standarder. Metoden har bestått av en enkätundersökning och intervjuundersökning vars resultat jämförts med relevanta riktlinjer från ISO-standarder och verksamhetens lösenordspolicy, en riskanalys och utvecklandet av ett verktyg för att memorera lösenord. Resultat visade brister på säker lösenordshantering bland verksamhetens anställda. Genom analysen har en rad åtgärder framtagits för att upprätta, återställa och förbättra lösenordshanteringen samt förebyggande åtgärder för den lösenordshantering som redan är godkänd. De slutsatser som dragits utifrån denna studie är att det finns ett behov för förbättring av lösenordshanteringen och utifrån behovet har förslag på både åtgärder och förebyggande åtgärder tagits fram. / Passwords are an important part of information security and works as a primary authentication method to protect user accounts. The purpose of this study is to investigate how an organisation’s employees follow the password policy and investigate if the password management is executed in an acceptable fashion from a security perspective and according to ISO standards. The method consisted of a survey, interviews of which the results has been compared to ISO standards guidelines and the organisation’s password policy, a risk analysis and a development of a tool to memorize passwords. The result showed insufficiency in the password management of the employees. Thru the analysis several actions have been found to constitute, restore and improve the password management and also preventing actions to keep the password management that is already sufficient. The conclusions are that there is a need for improvement of the password management and from these needs proposals for actions have been extracted.

password

password habits

password management

password policy

information security

web development

lösenord

lösenordsvanor

lösenordshantering

lösenordspolicy

informationssäkerhet

webbutveckling

Computer Engineering

Datorteknik