UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Persuasive password security

Weirich, D; (2006) Persuasive password security. Doctoral thesis , UCL (University College London). Green open access

[thumbnail of Weirich_thesis.pdf]
Preview
Text
Weirich_thesis.pdf

Download (15MB) | Preview

Abstract

An organization that gives users access to computing resources via a password mechanism needs to ensure that they perform certain secure behaviours if it wants those resources to be protected adequately. The research problem this thesis seeks to address is the question of how the likelihood of users performing these behaviours can be increased when some of those behaviours can neither be enforced nor monitored adequately. The primary substantive contribution of the thesis is a grounded theory model of the process users go through when choosing password-related behaviours in the absence of any organizational efforts to influence this choice. The model is subsequently extended to incorporate the effect on user behaviour of password regulations and their associated punishment regimes. The thesis then presents a discourse-analytic investigation of the interpretative repertoires users draw on to describe aspects of password security, and of the effect of those repertoires on users' password practices. This investigation also shows that users might at times structure their discourse about password security issues in a manner that makes it possible for them to justify malpractice. The use of discourse analysis to investigate these issues is a methodological contribution to the field of human-computer interaction. The opportunistic use of quantitative data that had been collected prior to a re-conceptualisation of the research approach is used to examine the extent to which users violate password regulations. An analysis of all the qualitative data collected allows a first insight into the specific insecure behaviours that users choose in particular situations. Persuasive password security, an integration of all these findings into an applicable approach to improving user behaviour, is presented, and specific recommendations on how to improve users' password practices in organizations are made.

Type: Thesis (Doctoral)
Title: Persuasive password security
Identifier: PQ ETD:593486
Open access status: An open access version is available from UCL Discovery
Language: English
Additional information: Thesis digitised by ProQuest.
URI: https://discovery.ucl.ac.uk/id/eprint/1446157
Downloads since deposit
242Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item