• PDF / 111,008 Bytes
• 8 Pages / 439.37 x 666.142 pts Page_size
• 72 Downloads / 263 Views

DOWNLOAD

REPORT

Abstract This work provides an analysis of current research exploring the problems that arise with combinations of personal data used in primary and secondary authentication and personal data available online. Personal data, such as names and birthdates, are used frequently in password creation or as answers to secondary authentication question. In combination, these problems increase security risks while failing to provide users with usability in the most common of authentication mechanism. Here, current literature is evaluated to compare current personal data used in password authentication with data commonly available online for individuals. The resulting contribution provides a framework for research, a compilation of current understandings of user’s password design and secondary authentication questions, the relationship of authentication to personal data, and directions for future research. Keywords User behavior Secondary authentication


Password authentication
Personal data availability


1 Introduction The design of feasible authentication mechanisms able to provide adequate security and privacy while maintaining usability remains an elusive goal for the Information Systems (IS) community. Considering usability and security in tandem creates an intractable problem requiring a broad spectrum of research specialties including Human Centered Computing (HCC) and Human Computer Interaction (HCI). While conceived and introduced frequently, alternative authentication schemes have not succeeded in wide-spread replacement of the password, despite superiority to standard passwords with regard to usability, security, or other factors considered K.E. Richards (&)
A.F. Norcio University of Maryland, Baltimore County, 1000 Hilltop Circle, Baltimore, MD 21250, USA e-mail: [email protected] © Springer International Publishing Switzerland 2016 D. Nicholson (ed.), Advances in Human Factors in Cybersecurity, Advances in Intelligent Systems and Computing 501, DOI 10.1007/978-3-319-41932-9_25

305

306

K.E. Richards and A.F. Norcio

individually [1–4]. Despite much dedicated effort to produce alternatives, passwords remain the most common form of authentication and seem likely to remain in use for some time [1, 4]. It is therefore incumbent upon researchers in interested fields to address meaningfully improving password based authentication protocols [4]. This work sets forth a particular weakness in authentication and secondary authentication mechanisms and suggests research directions required to improve upon this weakness. In addition to other security weaknesses, password usage is fraught with poor user behaviors that compromise security [5]. Failure to change passwords frequently, use of the same password on multiple devices, weak passwords with insufficient randomness or number of characters, and writing down or sharing passwords with others may compromise security [6–8]. These user behaviors are attributed to a wide variety of causes including user laziness, lack of information or training [3, 9]. Research also s

Recommend Documents

Energy balanced data gathering approaches, issues and research directions

184 50 1MB

Personal Data

172 4 2MB

Personal Data

173 12 47MB

New Directions in Sex Research

121 41 19MB

Future Research Challenges and Directions

232 13 6MB

Conclusions and Further Research Directions

186 31 3MB

Epilogue: Future Directions in Research and Practice

244 89 7MB

Knowledge Graphs: Research Directions

252 86 14MB

Prometheus Research Directions

217 81 496KB

Personal Data Protection in Russia

211 58 10MB

Directions in Clinical Research on ATOS

228 108 23MB

Directions in Clinical Research on VTOS

220 118 23MB