Despite the advent of sophisticated authentication systems, text-based passwords remain the most widely adopted method of securing information systems. Seizing a unique opportunity that arose following a substantial shift in Carnegie Mellon University’s (CMU) password policy, which necessitated password changes by users, we conducted a survey with 470 CMU computer users. This survey enabled us to gather data on user behaviors, practices, and opinions concerning password use and creation, particularly in response to the more stringent policy requirements. While the majority of users expressed frustration at the need for complex passwords, they also acknowledged an increased sense of security. We additionally carried out an entropy analysis and explored how our insights align with the NIST’s guidelines for password policy formulation. We also delved into user responses to queries specific to their passwords. The outcomes of our study can assist in crafting improved password policies that take into account not just the technical ramifications of individual policy rules, but also how users react to these rules.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....