Sage Journals: Discover world-class research

Abstract

To determine if someone other than the user who needs to reset a user ID or password might be able to answer security access questions to accomplish the reset, I conducted a quantitative study survey that resulted in responses from 390 people with different levels of expertise in computer use. The results show that for most of these common password reset questions, participants knew the answer for one or more persons.

Keywords

computer systems HCI usability interface design controls and displays cognitive ergonomics

Get full access to this article

View all access options for this article.

References

Helft

(2010, August 13). Experts warn of a weak link in the security of web sites. The New York Times. Retrieved from http://www.nytimes.com/2010/08/14/technology/14encrypt.html?_r=1

Le Monde. (2010). Pirater une boîte mail peut se révéler un jeu d’enfant [Hacking an inbox seems to be child’s play]. Lemonde.com . Retrieved from http://www.lemonde.fr/technologies/article/2010/03/12/pirater-une-boite-mail-peut-se-revelerun-jeu-d-enfant_1318085_651865.html

Moallem

(2011). Did you forget your password? In Marcus

(Ed.), Design, user experience, and usability, Pt II, HCII, 2011, LNCS 6770 (pp. 29–39). Berlin, Germany: Springer-Verlag.

Schechter

Bernheim Brush

A. J.

Egelman

(2009). It’s no secret: Measuring the security and reliability of authentication via “secret” questions. In Proceedings of the 30th IEEE Symposium on Security and Privacy (pp. 375–390). Piscataway, NJ: IEEE.

How Many People – Besides You – Can Answer Your Security Questions?

Abstract

Keywords

Get full access to this article

References