Skip to main content

The psychology of password management: a tradeoff between security and convenience

Journal Article


Abstract


  • Despite technological advances, humans remain the weakest link in Internet security. In this study, we examined five password-management behaviours to answer questions about user knowledge of password quality, motivation behind password selection and the effect of account type on password-management behaviour. First, we found that users know what constitutes a good/bad password and know which common password-management practices are (in)appropriate. Second, users are motivated to engage in these bad password-management behaviours because they do not see any immediate negative consequences to themselves (negative externalities) and because of the convenience–security tradeoff. Applying Construal Level Theory, we found that this tradeoff can be positively influenced by imposing a time frame factor, i.e. whether the password change will take place immediately (which results in weaker passwords) or in the future (which results in stronger passwords). Third, we found a time frame effect only for more important (online banking) accounts.

Authors


  •   Glassman, Myron (external author)
  •   Vandenwauver, Mark (external author)
  •   Tam, Leona

Publication Date


  • 2010

Citation


  • Tam, L., Glassman, M. & Vandenwauver, M. (2010). The psychology of password management: a tradeoff between security and convenience. Behaviour and Information Technology, 29 (3), 233-244.

Scopus Eid


  • 2-s2.0-77951996290

Ro Metadata Url


  • http://ro.uow.edu.au/commpapers/3147

Has Global Citation Frequency


Number Of Pages


  • 11

Start Page


  • 233

End Page


  • 244

Volume


  • 29

Issue


  • 3

Abstract


  • Despite technological advances, humans remain the weakest link in Internet security. In this study, we examined five password-management behaviours to answer questions about user knowledge of password quality, motivation behind password selection and the effect of account type on password-management behaviour. First, we found that users know what constitutes a good/bad password and know which common password-management practices are (in)appropriate. Second, users are motivated to engage in these bad password-management behaviours because they do not see any immediate negative consequences to themselves (negative externalities) and because of the convenience–security tradeoff. Applying Construal Level Theory, we found that this tradeoff can be positively influenced by imposing a time frame factor, i.e. whether the password change will take place immediately (which results in weaker passwords) or in the future (which results in stronger passwords). Third, we found a time frame effect only for more important (online banking) accounts.

Authors


  •   Glassman, Myron (external author)
  •   Vandenwauver, Mark (external author)
  •   Tam, Leona

Publication Date


  • 2010

Citation


  • Tam, L., Glassman, M. & Vandenwauver, M. (2010). The psychology of password management: a tradeoff between security and convenience. Behaviour and Information Technology, 29 (3), 233-244.

Scopus Eid


  • 2-s2.0-77951996290

Ro Metadata Url


  • http://ro.uow.edu.au/commpapers/3147

Has Global Citation Frequency


Number Of Pages


  • 11

Start Page


  • 233

End Page


  • 244

Volume


  • 29

Issue


  • 3