PASSWORD SECURITY

Password Security

Abstract

The most challenging security weaknesses of a password authentication scheme in relation to the careless behaviour of users have been highlighted in this project. Moreover, the existing complex and hard-to-implement alternatives will also be discussed in order to cope with them. It helps users of any system to reduce careless behaviour on the security of their accounts. In this project, 40 percent of the general public was surveyed about the impact of their carelessness on password management problem and the extent of such bad behaviour. Results indicate that careless behaviour of users has directly impacted the process of password management, which has led to loss of passwords, thereby preventing access to their accounts. Furthermore, combining different methods of identity authentication, two-factor authentication could lead to a better level of security.

Password Security

1.0 Introduction

Authentication is critical to the security of many systems that provide services over insecure networks (Tsai, Lee, & Hwang, 2006). Recently there have been many proposals for identity authentication and a number of different mechanisms are used to improve security. Many of these have been shown to be insecure, complicated, costly, ineffective, or unacceptable by users. Human behaviour is one of the weaknesses of password authentication; a user may feel secure with the chosen password, without realizing that someone could be trying to gain access to his/her protected account. The main methods of identity authentications are (Golofit, 2007) (Furnell, Dowland, Illingworth, & Reynolds, 2000):

Something you know: password or PIN

Something you have, involving physical factors like cards or other tokens.

Something you are, biometric information: fingerprint, voiceprints.

Someplace where you are, position-based authentication: by determining the user location.

This project will explain the main problems of password security which are affected by human behaviour and the extent of their impact on authentication weaknesses.

1.1 Aims

This project aims to:

Find out the common factors that cause the identity authentication systems to be insecure.

Identify the major weaknesses of password authentication usually made by users, which eventually would lead to an improvement in the security of the system.

To find out how to make people aware of choosing the best password for their accounts.

Objectives

The information in this project informs users about the common mistakes made while selecting a pin or password for the account, henceforth helping in the improvement of authentication security.2.0 Research Methods

In this study, a mixture of secondary and primary research has been used. The secondary research has been carried out to find out general information about authentication management and to collect reliable information and considerations of human behaviour, in addition to the negative impact on password authentication management. The references that have been used for this purpose are books, journals and official websites.

The primary research was done using a questionnaire which was given to the general public with passwords. The questionnaire was circulated at Commercial Road, Gunwharf Quays and Palmerston Mansions. Twenty people were surveyed on Wednesday August 14th and 15th, 2012 between16:30 and 18:30, with nearly an equal number of males and females. Additionally, twenty respondents also participated in the same questionnaire which ...