Original Research
Assessment of current practices in creating and using passwords as a control mechanism for information access
South African Journal of Information Management | Vol 9, No 2 | a27 |
DOI: https://doi.org/10.4102/sajim.v9i2.27
| © 2007 P. L. Wessels, L. P. Steenkamp
| This work is licensed under CC Attribution 4.0
Submitted: 03 November 2007 | Published: 03 November 2007
Submitted: 03 November 2007 | Published: 03 November 2007
About the author(s)
P. L. Wessels, Stellenbosch University, South AfricaL. P. Steenkamp, Stellenbosch University, South Africa
Full Text:
PDF (84KB)Abstract
One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems,
applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are
assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.
applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are
assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.
Keywords
No related keywords in the metadata.
Metrics
Total abstract views: 4917Total article views: 4233
Crossref Citations
1. Investigating the possibility to use differentiated authentication based on risk profiling to secure online banking
Martin Butler, Rika Butler
Information & Computer Security vol: 23 issue: 4 first page: 421 year: 2015
doi: 10.1108/ICS-11-2014-0074