Passwords are the most commonly used mechanism in controlling users access to information systems. Little research has been established on the entire user password management lifecycle from the start of generating a password, maintaining the password, using the password to authenticate, then to the end of the lifespan of the password when it needs to be changed. We develop a cognitive-behavioral framework depicting the cognitive activities that users per-form within each stage, and how the stages interact with the human information processor, i.e. memory and attention resources. Individual factors are also rep-resented in the framework such as attitudes, motivations, and emotions that can affect users behaviors during the password management lifecycle. The paper discusses cognitive and behavioral activities throughout the lifecycle as well as the associated economics. We show the importance of a holistic approach in understanding users password behaviors and the framework provides guidance on future research directions.
Proceedings of the 16th International Conference on Human-Computer Interaction
June 23-27, 2014
Heraklion, Crete, -1
The 16th International Conference on Human-Computer Interaction
password, password management lifecycle, cyber security, password policy, usability, cognitive-behavioral framework, economics of passwords