The security research community has recently recognised that user behaviour plays a part in many security failures, and it has become common to refer to users as the ‘weakest link in the security chain’. We argue that simply blaming users will not lead to more effective security systems. Security designers must identify the causes of undesirable user behaviour, and address these to design effective security systems. We present examples of how undesirable user behaviour with passwords can be caused by failure to recognise the characteristics of human memory, unattainable or conflicting task demands, and lack of support, training and motivation. We conclude that existing human/computer interaction knowledge and techniques can be used to prevent or address these problems, and outline a vision of a holistic design approach for usable and effective security.
About this article
Cite this article
Sasse, M.A., Brostoff, S. & Weirich, D. Transforming the ‘Weakest Link’ — a Human/Computer Interaction Approach to Usable and Effective Security. BT Technology Journal 19, 122–131 (2001). https://doi.org/10.1023/A:1011902718709
- Information System
- Communication Network
- User Interface
- Research Community
- Design Approach