CEC Faculty Proceedings, Presentations, Speeches and Lectures


Assessing relative weights of authentication components: An expert panel approach

Event Location / Date(s)

Orlando, FL / 2012

Document Type

Conference Proceeding

Presentation Date


Conference Name / Publication Title

Proceedings of the Pre-International Conference of Information Systems (ICIS) SIGSEC - Workshop on Information Security and Privacy (WISP) 2012

First Page


Last Page



Organizations rely on password-based authentication methods to control access to many Web-based systems. In a recent study, we developed a benchmarking instrument to assess the authentication methods used in these contexts. Our instrument developed included extensive literature foundation and an expert panel assessment. This paper reports on the development of the instrument and the expert panel assessment. The initial draft of the instrument was derived from literature to assess 1) password strength requirements, 2) password usage methods, and 3) password reset requirements. Following, the criteria within the index were evaluated by an expert panel and the same panel provided opinions on the relative weights of the criteria and the measures. The expert panel results were collected and analyzed using Multi-Criteria Decision Analysis (MCDA) techniques. We conclude with discussions on how the criteria were assembled, how the expert panel was conducted, and reporting the results from the panel. The results reported include the relative weights within te password usage and password reset measures as well as the relative weights of the three measures within the index.


Conference website: http://aisel.aisnet.org/wisp2012/