Original Research

Some password users are more equal than others: Towards customisation of online security initiatives

Rika Butler, Martin Butler
SA Journal of Information Management | Vol 20, No 1 | a920 | DOI: https://doi.org/10.4102/sajim.v20i1.920 | © 2018 Rika Butler, Martin Butler | This work is licensed under CC Attribution 4.0
Submitted: 12 October 2017 | Published: 31 July 2018

About the author(s)

Rika Butler, School of Accountancy, Stellenbosch University, South Africa
Martin Butler, University of Stellenbosch Business School, Stellenbosch University, South Africa


Share this article

Bookmark and Share

Abstract

Background: Online security is a growing concern and user authentication through passwords remains an important mechanism to protect online assets. Research to date has highlighted the need to address human behaviour but without an indication of where the emphasis of security education, training and awareness (SETA) initiatives should be, beyond improved password practices.

 

Objectives: The aim of this study was to, through analysis of the password behaviour of South African online consumers: (1) understand the prevalence of poor password practices among consumers overall and (2) identify specific password deficiencies prevalent among different demographic groups to be focus areas for tailored intervention programmes.

 

Method: The study uses a quantitative research approach. An online survey was used to gather demographic data, perceptions about online security and applied password practices. A sample of 737 valid responses was analysed for this research.

 

Results: Based on the descriptive analysis of the responses three key observations were made. Firstly, there is a distinct difference in the incidence of poor password practices for all respondents and thus support for tailored interventions. Secondly, there are variances between the practices within different demographic groups that could be used for customisation of interventions. Finally, the different poor practices cannot be uniquely attributed to one particular set of demographics.

 

Conclusion: The study concluded that to improve computer password security in South Africa, password SETA programmes should be customised for areas where individual needs exist and not merely per password practice or demographic group.


Keywords

passwords; computer security; online; education; training; awareness

Metrics

Total abstract views: 215
Total article views: 168


Crossref Citations

No related citations found.