MétaCan
Menu
Retour à la cohorte
Enregistrement W980151409

A protection motivation theory approach to improving compliance with password guidelines

2015· dissertation· en· W980151409 sur OpenAlex

Pourquoi ce travail est dans la base

Une base qui oublie comment elle a trouvé un travail ne peut pas être vérifiée. Voici les voies qui ont admis celui-ci.

fundUn bailleur canadien est enregistré sur le travail.
no affAucune affiliation canadienne : ce travail est invisible pour une base fondée sur la seule affiliation.
Aucune affiliation canadienne. Une base fondée sur la seule affiliation (le devis habituel) n'aurait jamais vu ce travail. C'est l'un des travaux qui justifient l'inversion de la base.

Notice bibliographique

RevueMurdoch Research Repository (Murdoch University) · 2015
Typedissertation
Langueen
DomaineComputer Science
ThématiqueUser Authentication and Security Systems
Établissements canadiensnon disponible
Organismes subventionnairesMcGill University
Mots-clésPasswordPassword strengthComputer securityCognitive passwordComputer scienceCompliance (psychology)Password policyInformation securityInternet privacyVulnerability (computing)One-time passwordPsychologySocial psychology
DOInon disponible

Résumé

récupéré en direct d'OpenAlex

Usernames and passwords form the most widely used method of user authentication on the Internet. Yet, users still find compliance with password guidelines difficult. The primary objective of this research was to investigate how compliance with password guidelines and password quality can be improved. This study investigated how user perceptions of passwords and security threats affect compliance with password guidelines and explored if altering these perceptions would improve compliance. This research also examined if compliance with password guidelines can be sustained over time. This study focuses on personal security, particularly factors that influence compliance when using personal online accounts. 
\n
\nThe proposed research model is based on the Protection Motivation Theory (PMT) (Rogers, 1975, 1983), a model widely used in information systems security research. As studies have failed to consistently confirm the association between perceived vulnerability and information security practices, the model was extended to include exposure to hacking as a predictor of perceived vulnerability. Experimental research was used to test the model from two groups of Internet users, one of which received PMT based fear appeals in the form of a password security information and training exercise. To examine if password strength was improved by the fear appeals, passwords were collected. A password strength analysis tool was developed using Shannon’s (2001) formula for calculating entropy and coded in Visual Basic. Structural equation modeling was used to test the model. 
\n
\nThe proposed model explains compliance intentions moderately well, with 54% of the variance explained by the treatment model and 43% explained by the control group model. Overall, the results indicate that efficacy perceptions are a stronger predictor of compliance intentions than threat perceptions. This study identifies three variables that predict user intentions to comply with password guidelines as particularly important. These are perceived threat, perceived password effectiveness and password self-efficacy. The results show no association between perceived vulnerability to a security attack and a user’s decision to comply. The results also showed that those who are provided with password information and training are significantly more likely to comply, and create significantly stronger passwords. However, the fear appeals used in this study had no long-term effects on compliance intentions. The results on the long-term effects of password training on the participants’ ability to remember passwords were however promising. The group that received password training with a mnemonic training component was twice as likely to remember their passwords over time. 
\n
\nThe results of this research have practical implications for organizations. They highlight the need to raise the levels of concern for information systems security threats through training in order to improve compliance with security guidelines. Communicating to users what security responses are available is important; however, whether they implement them is dependent on how effective they feel the security responses are in preventing an attack. Regarding passwords, the single most important consideration by a user is whether they have the ability to create strong, memorable passwords. At the very least, users should be trained on how to create strong passwords, with emphasis on memorization strategies. This research found mnemonic password training to have some long-term effects on users’ ability to remember passwords, which is arguably one of the most vexing challenges associated with passwords. Future research should explore the extent to which the effects of PMT based information systems security communication can be maintained over time.

Récupéré en direct depuis OpenAlex et désinversé. Les résumés ne sont pas conservés dans cette base de données : les index inversés représentent 8,6 Go des 9,3 Go de texte de la base, et le serveur dispose de 13 Go libres.

Prédiction distillée sur la base complète

Imitation des enseignants

Ni prévalence calibrée, ni vérité terrain. Validation humaine à venir. Apprise à partir de 10 348 étiquettes directes de Codex et de 10 348 étiquettes directes de Gemma. Le mode candidate est l'union des têtes enseignantes seuillées; le consensus est leur intersection. Ces sorties portent le statut machine_predicted_unvalidated et ne sont ni des étiquettes humaines ni des étiquettes directes de modèles de pointe.

score de la tête « metaresearch » (Codex)0,002
score de la tête « metaresearch » (Gemma)0,001
Version: codex-gemma-dda1882f352aStatut de validation: machine_predicted_unvalidated
Catégories candidatesMéta-épidémiologie (sens strict)
Catégories consensuellesaucune
DomaineSignal candidat: aucune · Signal consensuel: aucune
Devis d'étudeSignal candidat: Sans objet · Signal consensuel: aucune
GenreSignal candidat: Empirique · Signal consensuel: aucune
Score de désaccord entre enseignants0,553
Score d'incertitude au seuil1,000

Scores Codex et Gemma par catégorie

CatégorieCodexGemma
Métarecherche0,0020,001
Méta-épidémiologie (sens strict)0,0000,000
Méta-épidémiologie (sens large)0,0010,000
Bibliométrie0,0020,003
Études des sciences et des technologies0,0010,000
Communication savante0,0010,001
Science ouverte0,0030,000
Intégrité de la recherche0,0000,001
Charge utile insuffisante (le modèle a refusé de juger)0,0000,000

Scores machine (provisoires)

Les deux têtes enseignantes du modèle étudiant, lues sur ce travail. Un score ordonne la base pour la relecture; il n'affirme jamais une catégorie, et le statut de validation accompagne chaque rangée tel quel.

Scores de référence d'un modèle non mature (critères de maturité non atteints, 7 itérations). Un score ordonne; il n'affirme jamais une catégorie.

Tête enseignante Opus0,183
Tête enseignante GPT0,341
Écart entre enseignants0,158 · la distance entre les deux têtes enseignantes sur ce seul travail
Statut de validationscore_only:v0-immature-baseline · tel quel depuis la passe de notation : score_only signifie que le nombre peut ordonner les travaux, et qu'aucune étiquette de catégorie n'en découle