Some password users are more equal than others : towards customisation of online security initiatives

Butler, Rika ; Butler, Martin (2018)

CITATION: Butler, R. & Butler, M. 2018. Some password users are more equal than others : towards customisation of online security initiatives. South African Journal of Information Management, 20(1):a920, doi:10.4102/sajim.v20i1.920.

The original publication is available at http://www.sajim.co.za

Article

Background: Online security is a growing concern and user authentication through passwords remains an important mechanism to protect online assets. Research to date has highlighted the need to address human behaviour but without an indication of where the emphasis of security education, training and awareness (SETA) initiatives should be, beyond improved password practices. Objectives: The aim of this study was to, through analysis of the password behaviour of South African online consumers: (1) understand the prevalence of poor password practices among consumers overall and (2) identify specific password deficiencies prevalent among different demographic groups to be focus areas for tailored intervention programmes. Method: The study uses a quantitative research approach. An online survey was used to gather demographic data, perceptions about online security and applied password practices. A sample of 737 valid responses was analysed for this research. Results: Based on the descriptive analysis of the responses three key observations were made. Firstly, there is a distinct difference in the incidence of poor password practices for all respondents and thus support for tailored interventions. Secondly, there are variances between the practices within different demographic groups that could be used for customisation of interventions. Finally, the different poor practices cannot be uniquely attributed to one particular set of demographics. Conclusion: The study concluded that to improve computer password security in South Africa, password SETA programmes should be customised for areas where individual needs exist and not merely per password practice or demographic group.

Please refer to this item in SUNScholar by using the following persistent URL: http://hdl.handle.net/10019.1/106890
This item appears in the following collections: