IDEAS home Printed from https://ideas.repec.org/a/taf/titdxx/v20y2014i2p196-213.html
   My bibliography  Save this article

Improving Password Cybersecurity Through Inexpensive and Minimally Invasive Means: Detecting and Deterring Password Reuse Through Keystroke-Dynamics Monitoring and Just-in-Time Fear Appeals

Author

Listed:
  • Jeffrey L. Jenkins
  • Mark Grimes
  • Jeffrey Gainer Proudfoot
  • Paul Benjamin Lowry

Abstract

Password reuse - using the same password for multiple accounts - is a prevalent phenomenon that can make even the most secure systems vulnerable. When passwords are reused across multiple systems, hackers may compromise accounts by stealing passwords from low-security sites to access sites with higher security. Password reuse can be particularly threatening to users in developing countries in which cybersecurity training is limited, law enforcement of cybersecurity is non-existent, or in which programs to secure cyberspace are limited. This article proposes a two-pronged solution for reducing password reuse through detection and mitigation. First, based on the theories of routine, cognitive load and motor movement, we hypothesize that password reuse can be detected by monitoring characteristics of users' typing behavior (i.e. keystroke dynamics ). Second, based on protection motivation theory, we hypothesize that providing just-in-time fear appeals when a violation is detected will decrease password reuse. We tested our hypotheses in an experiment and found that users' keystroke dynamics are diagnostic of password reuse. By analyzing changes in typing patterns, we were able to detect password reuse with 81.71% accuracy. We also found that just-in-time fear appeals decrease password reuse; 88.41% of users who received a fear appeal subsequently created unique passwords, whereas only 4.45% of users who did not receive a fear appeal created unique passwords. Our results suggest that future research should continue to examine keystroke dynamics as an indicator of cybersecurity behaviors and use just-in-time fear appeals as a method for reducing non-secure behavior. The findings of our research provide a practical and cost-effective solution to bolster cybersecurity through discouraging password reuse.

Suggested Citation

  • Jeffrey L. Jenkins & Mark Grimes & Jeffrey Gainer Proudfoot & Paul Benjamin Lowry, 2014. "Improving Password Cybersecurity Through Inexpensive and Minimally Invasive Means: Detecting and Deterring Password Reuse Through Keystroke-Dynamics Monitoring and Just-in-Time Fear Appeals," Information Technology for Development, Taylor & Francis Journals, vol. 20(2), pages 196-213, April.
    • Handle: RePEc:taf:titdxx:v:20:y:2014:i:2:p:196-213
    DOI: 10.1080/02681102.2013.814040
    as

    Download full text from publisher

    File URL: http://hdl.handle.net/10.1080/02681102.2013.814040
    Download Restriction: Access to full text is restricted to subscribers.
    File URL: https://libkey.io/10.1080/02681102.2013.814040?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Vicki McKinney & Kanghyun Yoon & Fatemeh “Mariam” Zahedi, 2002. "The Measurement of Web-Customer Satisfaction: An Expectation and Disconfirmation Approach," Information Systems Research, INFORMS, vol. 13(3), pages 296-315, September.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Yan Chen & Dennis F. Galletta & Paul Benjamin Lowry & Xin (Robert) Luo & Gregory D. Moody & Robert Willison, 2021. "Understanding Inconsistent Employee Compliance with Information Security Policies Through the Lens of the Extended Parallel Process Model," Information Systems Research, INFORMS, vol. 32(3), pages 1043-1065, September.
    2. Bayuk, Julia Belyavsky & Patrick, Vanessa M., 2021. "Is the uphill road the one more taken? How task complexity prompts action on non-pressing tasks," Journal of Business Research, Elsevier, vol. 128(C), pages 436-449.
    3. Supunmali Ahangama, 2023. "Relating Social Media Diffusion, Education Level and Cybersecurity Protection Mechanisms to E-Participation Initiatives: Insights from a Cross-Country Analysis," Information Systems Frontiers, Springer, vol. 25(5), pages 1695-1711, October.
    4. Warut Khern-am-nuai & Matthew J. Hashim & Alain Pinsonneault & Weining Yang & Ninghui Li, 2023. "Augmenting Password Strength Meter Design Using the Elaboration Likelihood Model: Evidence from Randomized Experiments," Information Systems Research, INFORMS, vol. 34(1), pages 157-177, March.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Zhiyi Zhuo, 2019. "Research on using Six Sigma management to improve bank customer satisfaction," International Journal of Quality Innovation, Springer, vol. 5(1), pages 1-14, December.
    2. Zhang, Yufei & Voorhees, Clay M. & Lin, Chen & Chiang, Jeongwen & Hult, G.Tomas M. & Calantone, Roger J., 2022. "Information Search and Product Returns Across Mobile and Traditional Online Channels," Journal of Retailing, Elsevier, vol. 98(2), pages 260-276.
    3. Verhagen, Tibert & Meents, Selmar, 2007. "A Framework for Developing Semantic Differentials in IS research: Assessing the Meaning of Electronic Marketplace Quality (EMQ)," Serie Research Memoranda 0016, VU University Amsterdam, Faculty of Economics, Business Administration and Econometrics.
    4. Chiyao Sun & Ji’an Liu & Liana Razmerita & Yanru Xu & Jia Qi, 2022. "Higher Education to Support Sustainable Development: The Influence of Information Literacy and Online Learning Process on Chinese Postgraduates’ Innovation Performance," Sustainability, MDPI, vol. 14(13), pages 1-16, June.
    5. S, Suresh Kumar & S R, Shehnaz & Salam, Shiny, 2020. "Resurgence of small eateries– The successful business model of online Food Apps in major cities of Kerala," MPRA Paper 109185, University Library of Munich, Germany.
    6. Dr. Neelotpaul Banerjee & Santosh Sah, 2012. "A Comparative Study of Customers¡¯ Perceptions of Service Quality Dimensions between Public and Private Banks in India," International Journal of Business Administration, International Journal of Business Administration, Sciedu Press, vol. 3(5), pages 33-44, September.
    7. Lin Li & Kyung Young Lee & Emmanuel Emokpae & Sung-Byung Yang, 2021. "What makes you continuously use chatbot services? Evidence from chinese online travel agencies," Electronic Markets, Springer;IIM University of St. Gallen, vol. 31(3), pages 575-599, September.
    8. Akaret Tangsuwan & Paul Mason, 2019. "Towards improved understanding of success criteria for telecoms billing & revenue management systems: from implementation to practical value," Journal of Revenue and Pricing Management, Palgrave Macmillan, vol. 18(3), pages 256-265, June.
    9. Dennis F. Galletta & Raymond M. Henry & Scott McCoy & Peter Polak, 2006. "When the Wait Isn’t So Bad: The Interacting Effects of Website Delay, Familiarity, and Breadth," Information Systems Research, INFORMS, vol. 17(1), pages 20-37, March.
    10. Yogesh K. Dwivedi & David Wastell & Sven Laumer & Helle Zinner Henriksen & Michael D. Myers & Deborah Bunker & Amany Elbanna & M. N. Ravishankar & Shirish C. Srivastava, 2015. "Research on information systems failures and successes: Status update and future directions," Information Systems Frontiers, Springer, vol. 17(1), pages 143-157, February.
    11. Emmanuel W. Ayaburi & Jaeung Lee & Michele Maasberg, 0. "Understanding Crowdsourcing Contest Fitness Strategic Decision Factors and Performance: An Expectation-Confirmation Theory Perspective," Information Systems Frontiers, Springer, vol. 0, pages 1-14.
    12. Yang, Xue, 2021. "Determinants of consumers’ continuance intention to use social recommender systems: A self-regulation perspective," Technology in Society, Elsevier, vol. 64(C).
    13. Christophe Bezes & Bertrand Belvaux, 2012. "Which elements of differentiation for commercial websites? A transmitted image approach [Quels éléments de différenciation pour les sites web marchands ? Une approche par l'image transmise]," Post-Print hal-02086743, HAL.
    14. Supratim Kundu & Swapnajit Chakraborti, 2022. "A comparative study of online consumer reviews of Apple iPhone across Amazon, Twitter and MouthShut platforms," Electronic Commerce Research, Springer, vol. 22(3), pages 925-950, September.
    15. Dan J. Kim & Donald L. Ferrin & H. Raghav Rao, 2009. "Trust and Satisfaction, Two Stepping Stones for Successful E-Commerce Relationships: A Longitudinal Exploration," Information Systems Research, INFORMS, vol. 20(2), pages 237-257, June.
    16. Enrique Bernal Jurado & Adoración Mozas Moral & Miguel Jesús Medina Viruel & Domingo Fernández Uclés, 2018. "Evaluation of Corporate Websites and Their Influence on the Performance of Olive Oil Companies," Sustainability, MDPI, vol. 10(4), pages 1-11, April.
    17. Wu, Ing-Long, 2013. "The antecedents of customer satisfaction and its link to complaint intentions in online shopping: An integration of justice, technology, and trust," International Journal of Information Management, Elsevier, vol. 33(1), pages 166-176.
    18. Jin Li & Yulan Zhang & Jianping Li & Jiangze Du, 2023. "The Role of Sentiment Tendency in Affecting Review Helpfulness for Durable Products: Nonlinearity and Complementarity," Information Systems Frontiers, Springer, vol. 25(4), pages 1459-1477, August.
    19. Her-Sen Doong & Hsiangchu Lai, 2008. "Exploring usage continuance of e-negotiation systems: expectation and disconfirmation approach," Group Decision and Negotiation, Springer, vol. 17(2), pages 111-126, March.
    20. Sriram Thirumalai & Kingshuk K. Sinha, 2013. "To Personalize or Not to Personalize Online Purchase Interactions: Implications of Self-Selection by Retailers," Information Systems Research, INFORMS, vol. 24(3), pages 683-708, September.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:taf:titdxx:v:20:y:2014:i:2:p:196-213. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chris Longhurst (email available below). General contact details of provider: http://www.tandfonline.com/titd20 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.