Gutmann, Andreas ; Volkamer, Melanie ; Renaud, Karen (2016)
Memorable And Secure: How Do You Choose Your PIN?
Frankfurt
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2016 |
| Autor(en): | Gutmann, Andreas ; Volkamer, Melanie ; Renaud, Karen |
| Art des Eintrags: | Bibliographie |
| Titel: | Memorable And Secure: How Do You Choose Your PIN? |
| Sprache: | Englisch |
| Publikationsjahr: | Juli 2016 |
| Verlag: | University of Plymouth |
| Buchtitel: | International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016) |
| Veranstaltungsort: | Frankfurt |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs. |
| Freie Schlagworte: | Security, Usability and Society;Secure Data |
| ID-Nummer: | TUD-CS-2016-0118 |
| Fachbereich(e)/-gebiet(e): | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Fachbereich Informatik > SECUSO - Security, Usability and Society Profilbereiche > Cybersicherheit (CYSEC) LOEWE > LOEWE-Zentren 20 Fachbereich Informatik Profilbereiche LOEWE |
| Hinterlegungsdatum: | 28 Jul 2016 18:35 |
| Letzte Änderung: | 30 Mai 2018 12:53 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum