TY - GEN
T1 - Password security
T2 - 5th International Conference on Electronic Devices, Systems and Applications, ICEDSA 2016
AU - Awad, Mohammed
AU - Al-Qudah, Zakaria
AU - Idwan, Sahar
AU - Jallad, Abdul Halim
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2017/1/13
Y1 - 2017/1/13
N2 - No matter how sophisticated and advanced an organization's security system is, it remains vulnerable due to the human factor. In this paper, we conducted a survey to analyze the patterns used by the faculty, staff, and students when generating passwords at a small sized university. We found that users are not as aware of security requirements and practices as they think. Moreover, the vast majority of users' passwords are breakable within days or shorter. Interestingly, we found that using numbers and uppercase letters is common among users. However, numbers are mostly used at the end of the passwords and uppercase letters are mostly used at the beginning of passwords. The existence of such trends makes it easier for attackers to generate more effective dictionaries. Based on the analysis in this paper, we make recommendations to IT personnel and the general public to harden the security of their passwords.
AB - No matter how sophisticated and advanced an organization's security system is, it remains vulnerable due to the human factor. In this paper, we conducted a survey to analyze the patterns used by the faculty, staff, and students when generating passwords at a small sized university. We found that users are not as aware of security requirements and practices as they think. Moreover, the vast majority of users' passwords are breakable within days or shorter. Interestingly, we found that using numbers and uppercase letters is common among users. However, numbers are mostly used at the end of the passwords and uppercase letters are mostly used at the beginning of passwords. The existence of such trends makes it easier for attackers to generate more effective dictionaries. Based on the analysis in this paper, we make recommendations to IT personnel and the general public to harden the security of their passwords.
KW - Awareness
KW - Password
KW - Security
KW - Strength
UR - http://www.scopus.com/inward/record.url?scp=85019731916&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85019731916&partnerID=8YFLogxK
U2 - 10.1109/ICEDSA.2016.7818558
DO - 10.1109/ICEDSA.2016.7818558
M3 - Conference contribution
AN - SCOPUS:85019731916
T3 - International Conference on Electronic Devices, Systems, and Applications
BT - 2016 5th International Conference on Electronic Devices, Systems and Applications, ICEDSA 2016
PB - IEEE Computer Society
Y2 - 6 December 2016 through 8 December 2016
ER -