TU Darmstadt / ULB / TUbiblio

Memorable And Secure: How Do You Choose Your PIN?

Gutmann, Andreas ; Volkamer, Melanie ; Renaud, Karen (2016)
Memorable And Secure: How Do You Choose Your PIN?
Frankfurt
Conference or Workshop Item, Bibliographie

Abstract

Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs.

Item Type: Conference or Workshop Item
Erschienen: 2016
Creators: Gutmann, Andreas ; Volkamer, Melanie ; Renaud, Karen
Type of entry: Bibliographie
Title: Memorable And Secure: How Do You Choose Your PIN?
Language: English
Date: July 2016
Publisher: University of Plymouth
Book Title: International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)
Event Location: Frankfurt
Corresponding Links:
Abstract:

Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs.

Uncontrolled Keywords: Security, Usability and Society;Secure Data
Identification Number: TUD-CS-2016-0118
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Date Deposited: 28 Jul 2016 18:35
Last Modified: 30 May 2018 12:53
PPN:
Corresponding Links:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details