NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Communications of the ACM
Making Passwords Secure and Usable
HCI 97 Proceedings of HCI on People and Computers XII
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
An approach to usable security based on event monitoring and visualization
Proceedings of the 2002 workshop on New security paradigms
Moving from the design of usable security technologies to the design of useful secure applications
Proceedings of the 2002 workshop on New security paradigms
Bringing security home: a process for developing secure and usable systems
Proceedings of the 2003 workshop on New security paradigms
Security in the wild: user strategies for managing security as an everyday, practical problem
Personal and Ubiquitous Computing
Social navigation as a model for usable security
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
International Journal of Human-Computer Studies
In the eye of the beholder: a visualization-based approach to information system security
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Secrecy, flagging, and paranoia: adoption criteria in encrypted email
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Improving interface designs to help users choose better passwords
CHI '06 Extended Abstracts on Human Factors in Computing Systems
interactions - A contradiction in terms?
Aligning usability and security: a usability study of Polaris
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Password management strategies for online accounts
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Divide and conquer: the role of trust and assurance in the design of secure socio-technical systems
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Public Key Infrastructures: A research agenda
Journal of Computer Security - On IWAP'05
Tracking website data-collection and privacy practices with the iWatch web crawler
Proceedings of the 3rd symposium on Usable privacy and security
End-user privacy in human-computer interaction
Foundations and Trends in Human-Computer Interaction
Persuasion for Stronger Passwords: Motivation and Pilot Study
PERSUASIVE '08 Proceedings of the 3rd international conference on Persuasive Technology
Collective information practice: emploring privacy and security as social and cultural phenomena
Human-Computer Interaction
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Designing user studies for security applications: a case study with wireless network configuration
International Journal of Security and Networks
PKI Challenges: An Industry Analysis
Proceedings of the 2005 conference on Applied Public Key Infrastructure: 4th International Workshop: IWAP 2005
Usability and security of out-of-band channels in secure device pairing protocols
Proceedings of the 5th Symposium on Usable Privacy and Security
The compliance budget: managing security behaviour in organisations
Proceedings of the 2008 workshop on New security paradigms
Position: the user is the enemy
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Proceedings of the 23rd British HCI Group Annual Conference on People and Computers: Celebrating People and Technology
Building a better password: the role of cognitive load in information security training
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Laissez-faire file sharing: access control designed for individuals at the endpoints
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Interacting with Computers
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
QoS-T: QoS throttling to elicit user cooperation in computer systems
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
iTrust'05 Proceedings of the Third international conference on Trust Management
International Journal of Human-Computer Studies
In the balance in Saudi Arabia: security, privacy and trust
CHI '13 Extended Abstracts on Human Factors in Computing Systems
Hi-index | 0.00 |
In the past, research on password mechanisms has focussed almost entirely on technical issues. Only in recent years has the security research community acknowledged that user behavior plays a part in many security failures, and that policies alone may not be sufficient to ensure correct behavior. We argue that password mechanisms and their users form a socio-technical system, whose effectiveness relies strongly on users' willingness to make the extra effort that security-conscious behavior requires. In most organizations, users cannot be forced to comply; rather, they have to be persuaded to do so. Ultimately, the mechanisms themselves, policies, tutorials, training and the general discourse have to be designed with their persuasive power in mind. We present the results of a first study that can guide such persuasive efforts, and describe methods that can be used to persuade users to employ proper password practice.