Investigating user account control practices

Authors:
Sara Motiee;Kirstie Hawkey;Konstantin Beznosov
Affiliations:
The University of British Columbia, Vancouver, BC, Canada;The University of British Columbia, Vancouver, BC, Canada;The University of British Columbia, Vancouver, BC, Canada
Venue:
CHI '10 Extended Abstracts on Human Factors in Computing Systems
Year:
2010

Citing 2
Cited 0

Do security toolbars actually prevent phishing attacks?

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A framework for reasoning about the human in the loop

UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Non-administrator user accounts and the user account control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege accounts; a UAC prompt allows users to raise their privileges when required. We conducted a user study and contextual interviews to understand the motives and challenges participants face when using different user accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged accounts. Moreover, most did not understand or carefully consider the prompts.