Factors for measuring password-based authentication practices

Author(s)

Herbert J. Mattord
Yair Levy, Nova Southeastern UniversityFollow
Steven M. Furnell, Plymouth University

Document Type

Article

Publication Title

Journal of Information Privacy and Security

ISSN

1553-6548

Publication Date

1-1-2014

Abstract

Organizations rely on password-based authentication methods to control access to their Web-based systems. This research study developed a benchmarking instrument intended to assess authentication methods used in such systems, focusing on three component areas: 1) password strength requirements, 2) password usage methods, and 3) password reset requirements. This study explores the criteria required to define these component areas and validated proposed measurement criteria by use of an expert panel from industry and academia. An opportunity sample of web-based ISs in two groups were assessed to examine the use of the Authentication Method System Index (AMSI).

DOI

10.1080/15536548.2014.924812

Volume

10

Issue

2

First Page

71

Last Page

94

NSUWorks Citation

Mattord, Herbert J.; Levy, Yair; and Furnell, Steven M., "Factors for measuring password-based authentication practices" (2014). CCE Faculty Articles. 15.
https://nsuworks.nova.edu/gscis_facarticles/15