Passphrase and keystroke dynamics authentication: security and usability
- Authors: Bhana, Bhaveer
- Date: 2020
- Subjects: Computer security -- Management , Computers -- Access control -- Codewords , Computers -- Access control -- Keystroke timing authentication , Entropy (Information theory)
- Language: English
- Type: text , Thesis , Doctoral , PhD
- Identifier: http://hdl.handle.net/10962/146663 , vital:38546
- Description: It was found that employees spend a total 2.25 days within a 60 day period on password related activities. Another study found that over 85 days an average user will create 25 accounts with an average of 6.5 unique passwords. These numbers are expected to increase over time as more systems become available. In addition, the use of 6.5 unique passwords highlight that passwords are being reused which creates security concerns as multiple systems will be accessible by an unauthorised party if one of these passwords is leaked. Current user authentication solutions either increase security or usability. When security increases, usability decreases, or vice versa. To add to this, stringent security protocols encourage unsecure behaviours by the user such as writing the password down on a piece of paper to remember it. It was found that passphrases require less cognitive effort than passwords and because passphrases are stronger than passwords, they don’t need to be changed as frequently as passwords. This study aimed to assess a two-tier user authentication solution that increases security and usability. The proposed solution uses passphrases in conjunction with keystroke dynamics to address this research problem. The design science research approach was used to guide this study. The study’s theoretical foundation includes three theories. The Shannon entropy formula was used to calculate the strength of passwords, passphrases and keystroke dynamics. The chunking theory assisted in assessing password and passphrase memorisation issues and the keystroke-level model was used to assess password and passphrase typing issues. Two primary data collection methods were used to evaluate the findings and to ensure that gaps in the research were filled. A login assessment experiment collected data on user authentication and user-system interaction for passwords and passphrases. Plus, an expert review was conducted to verify findings and assess the research artefact in the form of a model. The model can be used to assist with the implementation of a two-tier user authentication solution which involves passphrases and keystroke dynamics. There are a number of components that need to be considered to realise the benefits of this solution and ensure successful implementation.
- Full Text:
- Date Issued: 2020
- Authors: Bhana, Bhaveer
- Date: 2020
- Subjects: Computer security -- Management , Computers -- Access control -- Codewords , Computers -- Access control -- Keystroke timing authentication , Entropy (Information theory)
- Language: English
- Type: text , Thesis , Doctoral , PhD
- Identifier: http://hdl.handle.net/10962/146663 , vital:38546
- Description: It was found that employees spend a total 2.25 days within a 60 day period on password related activities. Another study found that over 85 days an average user will create 25 accounts with an average of 6.5 unique passwords. These numbers are expected to increase over time as more systems become available. In addition, the use of 6.5 unique passwords highlight that passwords are being reused which creates security concerns as multiple systems will be accessible by an unauthorised party if one of these passwords is leaked. Current user authentication solutions either increase security or usability. When security increases, usability decreases, or vice versa. To add to this, stringent security protocols encourage unsecure behaviours by the user such as writing the password down on a piece of paper to remember it. It was found that passphrases require less cognitive effort than passwords and because passphrases are stronger than passwords, they don’t need to be changed as frequently as passwords. This study aimed to assess a two-tier user authentication solution that increases security and usability. The proposed solution uses passphrases in conjunction with keystroke dynamics to address this research problem. The design science research approach was used to guide this study. The study’s theoretical foundation includes three theories. The Shannon entropy formula was used to calculate the strength of passwords, passphrases and keystroke dynamics. The chunking theory assisted in assessing password and passphrase memorisation issues and the keystroke-level model was used to assess password and passphrase typing issues. Two primary data collection methods were used to evaluate the findings and to ensure that gaps in the research were filled. A login assessment experiment collected data on user authentication and user-system interaction for passwords and passphrases. Plus, an expert review was conducted to verify findings and assess the research artefact in the form of a model. The model can be used to assist with the implementation of a two-tier user authentication solution which involves passphrases and keystroke dynamics. There are a number of components that need to be considered to realise the benefits of this solution and ensure successful implementation.
- Full Text:
- Date Issued: 2020
Passphrase and Keystroke Dynamics Authentication: Usable Security
- Bhana, Bhaveer, Flowerday, Stephen
- Authors: Bhana, Bhaveer , Flowerday, Stephen
- Date: 2020
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/158372 , vital:40178 , https://doi.org/10.1016/j.cose.2020.101925
- Description: It was found that employees spend a total of 2.25 days within 60 days on password-related activities. The time consumed by this is unproductive and has a negative impact on usability. The problem is caused by current text-based user authentication policies in use. This study aims to address this research problem by assessing the effectiveness of a proposed two-tier user authentication solution involving passphrases and keystroke dynamics.
- Full Text:
- Date Issued: 2020
- Authors: Bhana, Bhaveer , Flowerday, Stephen
- Date: 2020
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/158372 , vital:40178 , https://doi.org/10.1016/j.cose.2020.101925
- Description: It was found that employees spend a total of 2.25 days within 60 days on password-related activities. The time consumed by this is unproductive and has a negative impact on usability. The problem is caused by current text-based user authentication policies in use. This study aims to address this research problem by assessing the effectiveness of a proposed two-tier user authentication solution involving passphrases and keystroke dynamics.
- Full Text:
- Date Issued: 2020
Ensuring high quality public safety data in participatory crowdsourcing used as a smart city initiative
- Authors: Bhana, Bhaveer
- Date: 2013
- Language: English
- Type: Thesis , Masters , MCom (Information Systems)
- Identifier: vital:11141 , http://hdl.handle.net/10353/d1014673
- Description: The increase in urbanisation is making the management of city resources a difficult task. Data collected through observations of the city surroundings can be used to improve decision-making in terms of manage city resources. However, the data collected must be of quality in order to ensure that effective and efficient decisions are made. This study is focused on improving emergency and non-emergency services (city resources) by using Participatory Crowdsourcing as a data collection method (collect public safety data) utilising voice technology in the form of an advanced IVR system known as the Spoken Web. The study illustrates how Participatory Crowdsourcing can be used as a Smart City initiative by illustrating what is required to contribute to the Smart City, and developing a roadmap in the form of a model to assist decision-making when selecting the optimal Crowdsourcing initiative. A Public Safety Data Quality criteria was also developed to assess and identify the problems affecting Data Quality. This study is guided by the Design Science methodology and utilises two driving theories: the characteristics of a Smart City, and Wang and Strong’s (1996) Data Quality Framework. Five Critical Success Factors were developed to ensure high quality public safety data is collected through Participatory Crowdsourcing utilising voice technologies. These Critical Success Factors include: Relevant Public Safety Data, Public Safety Reporting Instructions, Public Safety Data Interpretation and Presentation Format, Public Safety Data Integrity and Security, and Simple Participatory Crowdsourcing System Setup.
- Full Text:
- Date Issued: 2013
- Authors: Bhana, Bhaveer
- Date: 2013
- Language: English
- Type: Thesis , Masters , MCom (Information Systems)
- Identifier: vital:11141 , http://hdl.handle.net/10353/d1014673
- Description: The increase in urbanisation is making the management of city resources a difficult task. Data collected through observations of the city surroundings can be used to improve decision-making in terms of manage city resources. However, the data collected must be of quality in order to ensure that effective and efficient decisions are made. This study is focused on improving emergency and non-emergency services (city resources) by using Participatory Crowdsourcing as a data collection method (collect public safety data) utilising voice technology in the form of an advanced IVR system known as the Spoken Web. The study illustrates how Participatory Crowdsourcing can be used as a Smart City initiative by illustrating what is required to contribute to the Smart City, and developing a roadmap in the form of a model to assist decision-making when selecting the optimal Crowdsourcing initiative. A Public Safety Data Quality criteria was also developed to assess and identify the problems affecting Data Quality. This study is guided by the Design Science methodology and utilises two driving theories: the characteristics of a Smart City, and Wang and Strong’s (1996) Data Quality Framework. Five Critical Success Factors were developed to ensure high quality public safety data is collected through Participatory Crowdsourcing utilising voice technologies. These Critical Success Factors include: Relevant Public Safety Data, Public Safety Reporting Instructions, Public Safety Data Interpretation and Presentation Format, Public Safety Data Integrity and Security, and Simple Participatory Crowdsourcing System Setup.
- Full Text:
- Date Issued: 2013
- «
- ‹
- 1
- ›
- »