Determinants of password security: Some educational aspects

Abstract

Development and integration of technology give organisations the opportunity to be globally competitive. However, the potential misuse of Information Technology (IT) is a reality that has to be dealt with by management, individuals and information security professionals. Numerous threats have emerged over time in the networked world, but so have the ways of alleviating these risks. However, security problems are still imminent - as highlighted by the plethora of media articles and research efforts. The insider risk is stated as being around 80% of security threats [1] in a company. With this statistic in mind, management has to plan how to allocate resources to counteract the risks. Very often, simple measures such as good password behaviour are overlooked or not rated high enough to include in all security awareness programmes. This paper will focus on a study that assesses password management of future IT professionals. It will be demonstrated how management and educators can use these results to focus their efforts in order to improve users' password practices and thereby enhancing overall IT security. © IFIP International Federation for Information Processing 2013.