OUR PASSWORD SECURITY PRACTICES: SECURE OR VULNERABLE
Authors: Safwana Haque, Farhana Haque, Md Abdul Haque
Affiliation: BRAC University University, Dhaka, Bangladesh, Farhana Haque, Anwer Khan Modern University, International University of Business Agriculture and Technology
Keywords: Password Security, Security Awareness, User Behavior, Security Practices, Cybersecurity
ABSTRACT. Text-based password is the most commonly used method to authenticate systems, and plays a vital role in keeping our data safe from attackers, therefore, it is important to have adequate knowledge for secured password practices. This study carried out an online survey of 500 people to study their response to password security. It was seen that 63% of the participants were vulnerable to password attacks because of their chosen methods. People of age 65 and above were found to be at the highest risk, while 80% of the female population have either never experienced or do not have any idea of a breach in their account. It was seen that 90% of the participants used information of personal signiﬁcance in their lives, but 53% would still like secure passwords. This study suggests improvements for each chosen method that would make our system more reliable and immune to attacks.
1. Anonymous. 2019. “Bangladesh Telecommunication Regulatory Commission.” 2019. http://www.btrc.gov.bd/content/internet-subscribers-bangladesh-february-2019.
2. Armerding, Taylor. 2018. “The 18 Biggest Data Breaches of the 21st Century.” CSO. 2018.
3. Awad, Mohammed, Zakaria Al-Qudah, Sahar Idwan, and Abdul Halim Jallad. 2017. “Password Security: Password Behavior Analysis at a Small University.” International Conference on Electronic Devices, Systems, and Applications, 3–6.
4. CISCO. n.d. “What Is Cybersecurity?” Accessed January 21, 2019. https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html.
5. Florencio, Dinei, and Cormac Herley. 2007. “A Large-Scale Study of Web Password Habits.” Proceedings of the 16th International Conference on World Wide Web - WWW ’07, 657.
6. Gaw, Shirley, and Edward W. Felten. 2006. “Password Management Strategies for Online Accounts.” In Proceedings of the Second Symposium on Usable Privacy and Security - SOUPS ’06, 44. New York, New York, USA: ACM Press
7. Gott, Amber. 2018. “How Often Should You Change Your Password?” 2018. https://blog.lastpass.com/2018/08/often-change-password.html/.
8. Hamidur. 2009. “Internet History of Bangladesh.” 2009. http://wirelessbangladesh.blogspot.com/2009/04/internet-history-of-bangladesh.html.
9. Klein, Daniel V. 1992. “Foiling the Cracker: A Survey of, and Improvements to, Password Security.” Programming and Computer Software 17 (3): 5–14.
10. Lamport, Leslie. 1981. “Password Authentication with Insecure Communication.” Communications of the ACM 24 (11): 770–72.
11. Morris, Robert, and Ken Thompson. 1979. “Password Security: A Case History.” Communications of the ACM 22 (11): 594–97.
12. Raza, Mudassar, Muhammad Iqbal, Muhammad Sharif, and Waqas Haider. 2012. “A Survey of Password Attacks and Comparative Analysis on Methods for Secure Authentication.” World Applied Sciences Journal 19 (4): 439–44.
13. Riley, Shannon. 2006. “Password Security: What Users Know and What They Actually Do.” Usability News 8 (1): 2833–2836.
14. Shay, Richard, Saranga Komanduri, Patrick Gage Kelley, Pedro Giovanni Leon, Michelle L. Mazurek, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. 2010. “Encountering Stronger Password Requirements : User Attitudes and Behaviors Categories and Subject Descriptors.” Proceedings of the Sixth Symposium on Usable Privacy and Security - SOUPS ’10, 1.
15. Techopedia. n.d. “Password.” Accessed January 22, 2019. https://www.techopedia.com/definition/4042/password.
16. Tsokkis, Pieris, and Eliana Stavrou. 2018. “A Password Generator Tool to Increase Users’ Awareness on Bad Password Construction Strategies.” 2018 International Symposium on Networks, Computers and Communications, ISNCC 2018, 1–5.