TU Darmstadt / ULB / TUbiblio

Exploring Mental Models Underlying PIN Management Strategies

Renaud, Karen and Volkamer, Melanie (2015):
Exploring Mental Models Underlying PIN Management Strategies.
In: World Congress on Internet Security (WorldCIS 2015), IEEE, [Conference or Workshop Item]

Abstract

PINs have been around for half a century and many insecure PIN-related practices are used. We attempted to mitigate by developing two new PIN memorial assistance mechanisms that we tested in an online study. We were not able to show an improvement in memorability, mostely because people did not use the memorial aids. We realised that a greater insight into PIN Management mental models was needed, in order to better formulate mitigation approaches. We proceeded to study PIN-related mental models, and we present our finding in this paper. The insights we gained convinced us that security researchers should not presume that people want, or need, our advice or help in any security context; they might well prefer to continue with their usual trusted practices. Yet advice should indeed still be offered, for those who do want it, and we give some suggestions about how this advice should look like in the PIN context.

Item Type: Conference or Workshop Item
Erschienen: 2015
Creators: Renaud, Karen and Volkamer, Melanie
Title: Exploring Mental Models Underlying PIN Management Strategies
Language: German
Abstract:

PINs have been around for half a century and many insecure PIN-related practices are used. We attempted to mitigate by developing two new PIN memorial assistance mechanisms that we tested in an online study. We were not able to show an improvement in memorability, mostely because people did not use the memorial aids. We realised that a greater insight into PIN Management mental models was needed, in order to better formulate mitigation approaches. We proceeded to study PIN-related mental models, and we present our finding in this paper. The insights we gained convinced us that security researchers should not presume that people want, or need, our advice or help in any security context; they might well prefer to continue with their usual trusted practices. Yet advice should indeed still be offered, for those who do want it, and we give some suggestions about how this advice should look like in the PIN context.

Title of Book: World Congress on Internet Security (WorldCIS 2015)
Publisher: IEEE
Uncontrolled Keywords: Security, Usability and Society;PINs, Mental Models, Strategies
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
LOEWE > LOEWE-Zentren
20 Department of Computer Science
LOEWE
Date Deposited: 30 Dec 2016 20:23
Identification Number: TUD-CS-2015-1264
Related URLs:
Export:
Suche nach Titel in: TUfind oder in Google

Optionen (nur für Redakteure)

View Item View Item