A1 Journal article (refereed)
How Memory Anxiety Can Influence Password Security Behavior (2024)
Woods, N., & Siponen, M. (2024). How Memory Anxiety Can Influence Password Security Behavior. Computers and Security, 137, Article 103589. https://doi.org/10.1016/j.cose.2023.103589
JYU authors or editors
Publication details
All authors or editors: Woods, Naomi; Siponen, Mikko
Journal or series: Computers and Security
ISSN: 0167-4048
eISSN: 1872-6208
Publication year: 2024
Volume: 137
Article number: 103589
Publisher: Elsevier
Publication country: United Kingdom
Publication language: English
DOI: https://doi.org/10.1016/j.cose.2023.103589
Publication open access: Openly available
Publication channel open access: Partially open access channel
Publication is parallel published (JYX): https://jyx.jyu.fi/handle/123456789/92121
Abstract
Password reuse and modification are insecure password behaviors that are becoming increasingly prevalent as users are obliged to remember more passwords to access various digital services. Many users adopt these risky behaviors as a memory strategy in the belief that they have too many passwords for their memories to cope with. One important avenue in password research is metamemory, which encompasses the knowledge and understanding of memory capabilities and strategies. Previous research on password metamemory has examined the role that metamemory plays in memory performance (i.e., how well memory performs) and password recall. However, no previous research to date has investigated whether password reuse and modification are adopted as memory strategies due to an increase in knowledge and understanding of metamemory. To address this gap, two survey studies (Study1: N=50, Study 2: N=303) were implemented to examine the role that password metamemory plays in reusing and modifying passwords. Our findings suggest that of all metamemory constructs, users’ anxiety regarding their perceived ability to remember passwords can influence them to reuse and modify their passwords. These findings have potentially important implications because with an enhanced understanding of how users’ anxiety towards remembering passwords influences their security behavior, this could identify means of reducing password reuse and modification, thereby increasing password security and ultimately reduce some of the consequences of insecure password behaviors.
Keywords: passwords; safety and security; data security; cyber security; authentication; memory (cognition)
Contributing organizations
Ministry reporting: Yes
Reporting Year: 2024
Preliminary JUFO rating: 2