Security design based on social and cultural practice: sharing of passwords

Authors:
Supriya Singh;Anuja Cabraal;Catherine Demosthenous;Gunela Astbrink;Michele Furlong
Affiliations:
Smart Internet Technology Cooperative Research Centre/RMIT University, Melbourne, Australia;Smart Internet Technology Cooperative Research Centre/RMIT University, Melbourne, Australia;Smart Internet Technology Cooperative Research Centre, QLD, Australia;Smart Internet Technology Cooperative Research Centre/GSA Information Consultants, GSA Information Consultants, QLD, Australia;Smart Internet Technology Cooperative Research Centre/GSA Information Consultants, GSA Information Consultants, QLD, Australia
Venue:
UI-HCII'07 Proceedings of the 2nd international conference on Usability and internationalization
Year:
2007

Citing 6
Cited 2

Introduction

Technology and privacy
Secrets & Lies: Digital Security in a Networked World

Secrets & Lies: Digital Security in a Networked World
Unpacking "privacy" for a networked world

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Aligning Security and Usability

IEEE Security and Privacy
Password sharing: implications for security design based on social practice

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Déjà Vu: a user study using images for authentication

SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9

Balancing Separateness and Jointness of Money in Relationships: The Design of Bank Accounts in Australia and India

IDGD '09 Proceedings of the 3rd International Conference on Internationalization, Design and Global Development: Held as Part of HCI International 2009
In the balance in Saudi Arabia: security, privacy and trust

CHI '13 Extended Abstracts on Human Factors in Computing Systems

Quantified Score

Hi-index	0.01

Visualization

Abstract

We draw on a qualitative study of 108 people to examine the routine sharing of passwords for online banking among married and de facto couples, Aboriginal users and people with disability in Australia. The sharing of passwords goes against current banking authentication systems and consumer protection laws that require customers not to reveal their access codes to anybody, including family members. The everyday violation of these security requirements results from the lack of fit between security design and social and cultural practice, rather than a lack of security awareness. We argue for the need to go beyond individualistic user-centered design, so that social and crosscultural practices are at the centre of the design of technologies. The need for a social and culturally centered approach to design is even more important when dealing with different notions of privacy across cultures and a culture of shared use in public and private spaces.