BT Technology Journal

, Volume 19, Issue 3, pp 122–131 | Cite as

Transforming the ‘Weakest Link’ — a Human/Computer Interaction Approach to Usable and Effective Security

  • M A Sasse
  • S Brostoff
  • D Weirich


The security research community has recently recognised that user behaviour plays a part in many security failures, and it has become common to refer to users as the ‘weakest link in the security chain’. We argue that simply blaming users will not lead to more effective security systems. Security designers must identify the causes of undesirable user behaviour, and address these to design effective security systems. We present examples of how undesirable user behaviour with passwords can be caused by failure to recognise the characteristics of human memory, unattainable or conflicting task demands, and lack of support, training and motivation. We conclude that existing human/computer interaction knowledge and techniques can be used to prevent or address these problems, and outline a vision of a holistic design approach for usable and effective security.


Information System Communication Network User Interface Research Community Design Approach 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Schneier B: ‘Secrets and Lies’, John Wiley and Sons (2000).Google Scholar
  2. 2.
    Poulsen K: ‘Mitnick to lawmakers: People, phones and weakest links’, (March 2000)- Scholar
  3. 3.
    Reason J: ‘Human Error’, Cambridge University Press, Cambridge, UK (1990).Google Scholar
  4. 4.
    Adams A and Sasse M A: ‘Users are not the enemy’, Communications of the ACM, 42, No 12 (December 1999).Google Scholar
  5. 5.
    Brostoff S and Sasse M A: ‘Are Passfaces more usable than passwords? A field trial investigation’, in McDonald S et al (Eds): ‘People and Computers XIV-Usability or Else’, Proceedings of HCI, Sunderland, UK, pp 405–424, Springer (September 2000).Google Scholar
  6. 6.
    Rejman-Greene M: ‘Biometrics-real identities for a virtual world’, BT Technol J, 19, No 3, pp 115–121 (July 2001).Google Scholar
  7. 7.
    FIPS: ‘Password Usage’, Federal Information Processing Standards Publication (May 1985).Google Scholar
  8. 8.
    Adams A, Sasse M A and Lunt P: ‘Making passwords secure and usable’, in Thimbleby H et al (Eds): ‘People and Computers XII’, Proceedings of HCI'97, Bristol, Springer (August 1997).Google Scholar
  9. 9.
    Nielsen J: ‘Security and Human Factors’, Alertbox (November 2000)- Scholar
  10. 10.
    Haskett J A: ‘Pass-algorithms: a user validation scheme based on knowledge of secret algorithms’, Communications of the ACM, 27, No 8, pp 777–781 (1984).Google Scholar
  11. 11.
    Zviran M and Haga W J: ‘A comparison of password techniques for multilevel authentication mechanisms’, The Computer Journal, 36, No 3, pp 227–237 (1993).Google Scholar
  12. 12.
    Zviran M and Haga W J: ‘Cognitive passwords: the key to easy access control’, Computers and Security, 9, No 8, pp 723–736 (1990).Google Scholar
  13. 13.
    Ellison C, Hall C, Milbert R and Schneier B: ‘Protecting secret keys with personal entropy’,- pdfGoogle Scholar
  14. 14.
    Spector Y and Ginzberg J: ‘Pass sentence-a new approach to computer code’, Computers and Security, 13, No 2, pp 145–160 (1994).Google Scholar
  15. 15.
    Passlogix® Inc- &loc=whoGoogle Scholar
  16. 16.
    Dhamija R, Perrig A and Deja V: ‘A User Study-Using Images for Authentication’, Proceedings of the 9th USENIX Security Symposium, Denver, Colorado (2000).Google Scholar
  17. 17.
    PassfacesTM- Scholar
  18. 18.
    Valentine T: ‘An evaluation of the PassfaceTM personal authentication system’, (Technical Report) Goldmsiths College, University of London (1998).Google Scholar
  19. 19.
    Valentine T: ‘Memory for PassfacesTM after a long delay’, (Technical Report) Goldsmiths College, University of London (1999).Google Scholar
  20. 20.
    Whitten A and Tygar J D: ‘Why Johnny can't encrypt: A usability evaluation of PGP 5.0’, Proceedings of the 8th USENIX security composium, Washington (August 1999).Google Scholar
  21. 21.
    Beyer H and Holtzblatt K: ‘Contextual design’, Morgan Kauffmann (1997).Google Scholar
  22. 22.
    Rogers R W: ‘A protection motivation theory of fear appeals and 22 change’, The Journal of Psychology, 91, pp 93–114 (1975).Google Scholar
  23. 23.
    Brostoff S and Sasse MA: ‘Safe and sound: a safety-critical design approach to security’, to be presented at the 10th ACM/SIGSAC New Security Paradigms Workshop, Cloudcroft, New Mexico (September 2001) (in press).Google Scholar
  24. 24.
    Weirich D and Sasse M A: ‘Pretty good persuasion: a first step towards effective password security for the real world’, to be presented at the 10th ACM/SIGSAC New Security Paradigms Workshop, Cloudcroft, New Mexico (September 2001) (in press).Google Scholar

Copyright information

© Kluwer Academic Publishers 2001

Authors and Affiliations

  • M A Sasse
  • S Brostoff
  • D Weirich

There are no affiliations available

Personalised recommendations