TU Darmstadt / ULB / TUbiblio

Memorable And Secure: How Do You Choose Your PIN?

Gutmann, Andreas and Volkamer, Melanie and Renaud, Karen (2016):
Memorable And Secure: How Do You Choose Your PIN?
In: International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016), University of Plymouth, Frankfurt, pp. 156-166, [Conference or Workshop Item]

Abstract

Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs.

Item Type: Conference or Workshop Item
Erschienen: 2016
Creators: Gutmann, Andreas and Volkamer, Melanie and Renaud, Karen
Title: Memorable And Secure: How Do You Choose Your PIN?
Language: English
Abstract:

Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs.

Title of Book: International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)
Publisher: University of Plymouth
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Event Location: Frankfurt
Date Deposited: 28 Jul 2016 18:35
Identification Number: TUD-CS-2016-0118
Related URLs:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)

View Item View Item