Choosing passwords: security and human factors

Password security is essential to the security of information systems. Human fallibility makes it nearly impossible to follow all of the recommended rules simultaneously. A user with many different passwords, frequently changing, will be forced to write them down somewhere. Some systems constrain th...

Detailed description

Bibliographic details
Main author: Gehringer, E.F.
Format: Conference proceeding
Language: eng
container_end_page 373
container_issue
container_start_page 369
container_title
container_volume
creator Gehringer, E.F.
description Password security is essential to the security of information systems. Human fallibility makes it nearly impossible to follow all of the recommended rules simultaneously. A user with many different passwords, frequently changing, will be forced to write them down somewhere. Some systems constrain them to have a certain minimum length, or to require them to contain a combination of letters and numbers. Some systems also impose maximum lengths, and some prohibit special characters. The lack of common standards for passwords makes it difficult for a user to remember which password is used for which system. To make matters worse, systems frequently revoke a user's access after a password has been incorrectly entered as few as three times. What is needed, then, is an analysis of passwords that takes both human factors and security into account. We must recognize that what really matters is the security of the total system, offline as well as online. This paper explores the tradeoffs that need to be made to achieve maximum security in everyday use by forgetful users.
doi_str_mv 10.1109/ISTAS.2002.1013839
format Conference Proceeding
fulltext fulltext_linktorsrc
identifier ISBN: 9780780372849
ispartof IEEE 2002 International Symposium on Technology and Society (ISTAS'02). Social Implications of Information and Communication Technology. Proceedings (Cat. No.02CH37293), 2002, p.369-373
issn
language eng
recordid cdi_ieee_primary_1013839
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Computer science
Computer security
Dictionaries
Exact sciences and technology
Human factors
Information and communication sciences
Information and communication technologies
Information science. Documentation
Information security
Information systems
Miscellaneous
Modems
Protection
Sciences and techniques of general use
Testing
Voice mail
title Choosing passwords: security and human factors
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-14T04%3A21%3A57IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Choosing%20passwords:%20security%20and%20human%20factors&rft.btitle=IEEE%202002%20International%20Symposium%20on%20Technology%20and%20Society%20(ISTAS'02).%20Social%20Implications%20of%20Information%20and%20Communication%20Technology.%20Proceedings%20(Cat.%20No.02CH37293)&rft.au=Gehringer,%20E.F.&rft.date=2002&rft.spage=369&rft.epage=373&rft.pages=369-373&rft.isbn=9780780372849&rft.isbn_list=0780372840&rft_id=info:doi/10.1109/ISTAS.2002.1013839&rft_dat=%3Cpascalfrancis_6IE%3E15759104%3C/pascalfrancis_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=1013839&rfr_iscdi=true