References
- AbdiHBonferroni and Sidak corrections for multiple comparisonsEncyclopedia of Measurement and Statistics2007103107
- AdamsASasseMAUsers are not the enemyCommunications of the ACM19994212414610.1145/322796.322806
- AtkinsonRCShiffrinRMHuman memory: a proposed system and its control processesThe Psychology of Learning and Motivation196889195
- BellovinSUnconventional wisdomIEEE Security & Privacy2006418810.1109/MSP.2006.28
- BenbasatIAn analysis of research methodologiesThe Information Systems Research Challenge19844785
- Bishop M (1990) A proactive password checker. Technical Report PCS-TR90-152. [WWW document] http://ntrs.nasa.gov/archive/nasa/casi.ntrs.nasa.gov/19920018383_1992018383.pdf.
- BrownASBrackenEZoccoliSDouglasKGenerating and remembering passwordsApplied Cognitive Psychology200418664165110.1002/acp.1014
- CampbellJKleemanDMaWThe good and not so good of enforcing password composition rulesInformation Systems Security20071612810.1080/10658980601051375
- CarstensDSMaloneLCMccauley-BellPApplying chunking theory in organizational password guidelinesJournal of Information, Information Technology, and Organizations2006197113
- CarstensDSMccauley-BellPRMaloneLCDemaraRFEvaluation of the human impact of password authentication practices on information securityInformation Science Journal2004716785
- CohenJStatistical Power Analysis for the Behavioral Sciences1988
- Conklin A, Dietrich G and Walz D (2004) Password-based authentication: a system perspective. In Proceedings of the 37th Hawaii International Conference on System Sciences, IEEE Computer Society, Washington, DC.
- CranorLFGarfinkelSSecure or usable?IEEE Security & Privacy200425161810.1109/MSP.2004.69
- CSI (2007) The 12th annual computer crime and security survey. [WWW document] http://i.cmpnet.com/v2.gocsi.com/pdf/CSISurvey2007.pdf.
- DavelaarEJGoshen-GottsteinYAshkenaziAHaarmannHJUsherMThe demise of short-term memory revisited: empirical and computational investigations of recency effectsPsychological Review2005112134210.1037/0033-295X.112.1.3
- Deloitte (2007) The 2007 technology, media, and telecommunications security survey. [WWW document] http://www.deloitte.com/dtt/cda/doc/content/dtt_tmt_securitysurvey2007.pdf.
- DennisAValacichJConducting research in information systemsCommunications of the AIS200175141
- DTI survey (2006) DTI information security breaches survey. [WWW document] http://www.pwc.co.uk/pdf/pwc_dti-fullsurveyresults06.pdf.
- Gaw S and Felten EW (2006) Password management strategies for online accounts. In Proceedings of the 2nd Symposium on Usable Privacy and Security, pp 44–55, ACM Press, New York, USA.
- Gehringer EF (2002) Choosing passwords: security and human factors. In Proceedings of 2002 International Symposium on Technology and Society, (Herkert JR, Ed) pp 369–373, IEEE Computer Society, Washington, DC.
- Hertzum M (2004) Remembering multiple passwords by way of minimal-feedback hints: replication and further analysis. In Proceedings of the Fourth Danish Human-Computer Interaction Research Symposium, (Kjeldskov J, Skov MB and Stage J, Eds) pp 21–24, Aalborg University, Aalborg, Denmark.
- HertzumMMinimal-feedback hints for remembering passwordsInteractions2006133384010.1145/1125864.1125888
- Informationweek (2007) 2007 InformationWeek/Accenture Global Information Security Survey. [WWW document] http://www.informationweek.com/whitepaper/Security/Privacy/2007-informationweek/accenture-global-information-wp1213826038953?articleID=21800009.
- IvesBWalshKRSchneiderHThe domino effect of password reuseCommunications of the ACM2004474757810.1145/975817.975820
- Lu B and Twidale MB (2003) Managing multiple passwords and multiple logins: MiFA minimal-feedback hints for remote authentication. In Proceedings of the IFIP INTERACT Conference, (Rauterberg M, Menozzi, M and Wesson J, Eds) pp 821–824, IOS Press, Zurich.
- Massad N and Beachboard J (2008) A taxonomy of service failures in electronic retailing. In Proceedings of the 41st Hawaii International Conference on System Sciences, IEEE Computer Society, Washington, DC.
- McgrathJEDilemmatics: the study of research choices and dilemmasJudgment Calls in Research198269102
- MillerGAThe magical number seven, plus or minus two: some limits on our capacity for processing informationPsychological Review195663819710.1037/h0043158
- MulliganJElbirtAJDesktop security and usability trade-offs: an evaluation of password management systemsInformation Systems Security2005142101910.1201/1086/45241.14.2.20050501/88289.3
- PC Magazine (2007) 10 most common passwords. [WWW document] http://www.pcmag.com/article2/0,2817,2113976,00.asp, 8 May.
- PCPRO (2007) Password reuse opens door to ID theft. [WWW document] http://www.pcpro.co.uk/news/106758/password-reuse-opens-door-to-id-theft.html.
- Pistolstar (2006) The myths and realities of domino R6/7 password management. [WWW document] http://managingautomation.bitpipe.com/detail/RES/1213377135_517.html.
- ProctorRWLienMCSalvendyGSchultzEEA task analysis of usability in third-party authenticationInformation Security Bulletin2000534956
- ProctorRWLienMCVuKplSchultzEESalvendyGImproving computer security for authentication of users: influence of proactive password restrictionsBehavior Research Methods, Instruments, & Computers200234216316910.3758/BF03195438
- RaaijmakersJSpacing and repetition effects in human memory: application of the SAM modelCognitive Science: A Multidisciplinary Journal200327343145210.1207/s15516709cog2703_5
- Riley S (2006) Password security: what users know and what they actually do. Usability News 8 (1). [WWW document] http://psychology.wichita.edu/surl/usabilitynews/81/Passwords.asp.
- RSA (2005) RSA security survey reveals multiple passwords creating security risks and end user frustration. [WWW document] http://www.rsa.com/press_release.aspx?id=6095.
- RSA (2006a) RSA security research shows volume of business passwords overwhelming end users and hindering IT security efforts. [WWW document] http://www.rsa.com/press_release.aspx?id=7296.
- RSA (2006b) Enterprise single sign-on solutions reduce IT helpdesk calls but raise concern amongst security experts, reveals RSA security. [WWW document] http://www.rsa.com/press_release.aspx?id=6903.
- RundusDJAnalysis of rehearsal processes in free recallJournal of Experimental Psychology1971891637710.1037/h0031185
- SchmidtSRCan we have a distinctive theory of memory?Memory & Cognition199119652354210.3758/BF03197149
- SimonHAHow big is a chunk?Science1974183412448248810.1126/science.183.4124.482
- SmithREAuthentication: From Passwords to Public Keys2002
- StantonJMStamKRMastrangeloPJoltonJAnalysis of end user security behaviorsComputers & Security20052412413310.1016/j.cose.2004.07.001
- TalmiDGradyCGoshen-GottsteinYMoscovitchMNeuroimaging the serial position curve: a test of single-store versus dual-store modelsPsychological Science200516971672310.1111/j.1467-9280.2005.01601.x
- VuKplProctorRWBhargav-SpantzelATaiBlbCookJSchultzEEImproving password security and memorability to protect personal and organizational informationInternational Journal of Human-Computer Studies20076574475710.1016/j.ijhcs.2007.03.007
- WarkentinMDavisKBekkerinGEIntroducing the check-off password systems (COPS): an advancement in user authentication methods and information securityJournal of Organizational and End User Computing2004163415810.4018/joeuc.2004070103
- WiedenbeckSWatersJBirgetJCBrodskiyAMemonNPasspoints: design and longitudinal evaluation of a graphical password systemInternational Journal of Human-Computer Studies20056310212710.1016/j.ijhcs.2005.04.010
- YanJBlackwellAAndersonRGrantAPassword memorability and security: empirical resultsIEEE Security & Privacy200425253110.1109/MSP.2004.81
- ZviranMErlichZIdentification and authentication: technology and implementation issuesCommunications of the Association for Information Systems200617190105