Privacy and human behavior in the age of information

Reading Time: 1 minuteThis review summarizes and draws connections between diverse streams of empirical research on privacy behavior. We use three themes to connect insights from social and behavioral sciences: people’s uncertainty about the consequences of...

Writing down your password: Does it help?

Reading Time: 1 minuteUsers are able to remember their phone numbers and postal codes, their student numbers, PIN numbers, and social insurance numbers. Why, then, do users have trouble remembering their passwords? This paper considers the hypothesis that being able...

Information security policies: a content analysis

Reading Time: 1 minuteAmong information security controls, the literature gives a central role to information security policies. However, there is a reduced number of empirical studies about the features and components of information security policies. This research...

Security Policy Compliance: User Acceptance Perspective

Reading Time: 1 minuteInformation security policy compliance is one of the key concerns that face organizations today. Although, technical and procedural security measures help improve information security, there is an increased need to accommodate human, social and...

Using and managing multiple passwords: A week to a view

Reading Time: 1 minuteSecurity policies are required that protect information from unauthorised access, and also respect challenges users face in creating, and particularly managing, increasing numbers of passwords. This paper investigates real password use in the...

The antecedents of information security policy compliance

Reading Time: 1 minuteInformation security is one of the major challenges for organizations that critically depend on information systems to conduct their businesses. Ensuring safety of information and technology resources has become the top priority for many...

Phishing IQ Tests Measure Fear, Not Ability

Reading Time: 1 minuteWe argue that phishing IQ tests fail to measure susceptibility to phishing attacks. We conducted a study where 40 subjects were asked to answer a selection of questions from existing phishing IQ tests in which we varied the portion (from 25% to...