TU Darmstadt / ULB / TUbiblio

Memorable And Secure: How Do You Choose Your PIN?

Gutmann, Andreas ; Volkamer, Melanie ; Renaud, Karen (2016)
Memorable And Secure: How Do You Choose Your PIN?
Frankfurt
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2016
Autor(en): Gutmann, Andreas ; Volkamer, Melanie ; Renaud, Karen
Art des Eintrags: Bibliographie
Titel: Memorable And Secure: How Do You Choose Your PIN?
Sprache: Englisch
Publikationsjahr: Juli 2016
Verlag: University of Plymouth
Buchtitel: International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)
Veranstaltungsort: Frankfurt
Zugehörige Links:
Kurzbeschreibung (Abstract):

Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods of supporting PIN changes and report on an evaluation of these methods in a study with 152 participants. Our contribution is twofold: We introduce an alternative to system-generated random PINs, which considers people’s preferred memorisation strategy, and, secondly, we provide indication that presenting guidance on how to avoid insecure PINs does indeed nudge people towards more secure PIN choices when they are in the process of changing their PINs.

Freie Schlagworte: Security, Usability and Society;Secure Data
ID-Nummer: TUD-CS-2016-0118
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > SECUSO - Security, Usability and Society
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
Profilbereiche
LOEWE
Hinterlegungsdatum: 28 Jul 2016 18:35
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen