Annual Computer Security Applications Conference (ACSAC) 2018

Full Program »

On The Systematic Development and Evaluation Of Password Security Awareness-Raising Materials

Text passwords play an important role in protecting the assets of organisations. Thus, it is of the essence, that employees are well aware of possible attacks and defences. To that end, we developed a password security awareness-raising material in a systematic iterative process: The material is based on the literature on password security, feedback of independent experts, and feedback of lay-users. It was evaluated in the field with employees of three organisations. Our results show that the participating employees improved their abilities to (1) discern secure from insecure password-related behaviour in a variety of scenarios relating to different attacks and (2) assess passwords as secure or insecure. These significantly improved abilities of the participants were still present in a retention after six months. Thus, the developed awareness-raising material contributes to improving the password-related security in organisations.

Peter Mayer
Karlsruhe Institute of Technology
Germany

Melanie Volkamer
Karlsruhe Institute of Technology
Germany

Christian Schwartz
usd AG
Germany

 



Powered by OpenConf®
Copyright©2002-2018 Zakon Group LLC