Abstract
This article presents a research concerning password management and single sign-on for accessing Internet applications. Many Internet applications require users to subscribe to their services and authenticate themselves through the use of login credentials. The number of such applications is increasing exponentially, which caused ineffective login credential management among users. This study was conducted with two objectives (i) to identify how users manage their usernames and passwords and (ii) to examine whether users see the benefits of single sign-on. To achieve these objectives, a focus group interview was conducted on students from a local university. The results of the study suggested that the students did not practise proper password management. Further, it suggested that single sign-on may not be the immediate solution to improve the students’ password management.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Zhang, J., Luo, X., Akkaladevi, S., Ziegelmayer, J.: Improving multiple-password recall: an empirical study. Eur. J. Inf. Syst. 18, 165–176 (2009)
Cameron, K., Jones, M.B.: Design rationale behind the identity metasystem architecture. ISSE/SECURE 2007 Securing Electronic Business Processes, pp. 117–129. Springer, Berlin (2007)
Riedel, M., Mallmann, D., Streit, A.: Enhancing scientific workflows with secure shell functionality in UNICORE grids. First International Conference on e-Science and Grid Computing, pp. 8–139. IEEE, New Jersey (2005)
Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of the 16th international conference on World Wide Web, pp. 657–666. ACM (2007)
Bang, Y., Lee, D.-J., Bae, Y.-S., Ahn, J.-H.: Improving information security management: an analysis of ID–password usage and a new login vulnerability measure. Int. J. Inf. Manage. 32, 409–418 (2012)
Ciampa, M., Revels, M., Enamait, J.: Online versus local password management applications: an analysis of user training and reactions. J. Appl. Secur. Res. 6, 449–466 (2011)
Summers, W.C., Bosworth, E.: Password policy: the good, the bad, and the ugly. In: Proceedings of the winter international symposium on information and communication technologies, pp. 1–6. Trinity College Dublin (2004)
Tam, L., Glassman, M., Vandenwauver, M.: The psychology of password management: a tradeoff between security and convenience. Behav. Inf. Technol. 29, 233–244 (2010)
Kumar, N.: Password in practice: an usability survey. J. Glob. Res. Comput. Sci. 2, 107–112 (2011)
Ciampa, M.: Are password management applications viable? An analysis of user training and reactions. Inf. Syst. Educ. J. 9, 4 (2011)
Hardy, G.: The truth behind single sign-on. Inf. Secur. Tech. Rep. 1, 46–55 (1996)
Clercq, J.D.: Single sign-on architectures. Proceedings of the International Conference on Infrastructure Security, pp. 40–58. Springer, Berlin (2002)
Radha, V., Reddy, D.H.: A survey on single sign-on techniques. Procedia Technol. 4, 134–139 (2012)
SAML. (2013). Welcome to SAML Oasis.org. Available: http://saml.xml.org/
OpenID. (2013). The Benefits of OpenID. Available: http://openid.net/get-an-openid/individuals/
Acknowledgments
This work was supported in part by a grant from Universiti Utara Malaysia (LEADS—S/O Code: 12397).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Katuk, N., Tahir, H.M., Zakaria, N.H., Halim, M.S. (2015). Can Single Sign-on Improve Password Management? A Focus Group Study. In: Abraham, A., Muda, A., Choo, YH. (eds) Pattern Analysis, Intelligent Security and the Internet of Things. Advances in Intelligent Systems and Computing, vol 355. Springer, Cham. https://doi.org/10.1007/978-3-319-17398-6_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-17398-6_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17397-9
Online ISBN: 978-3-319-17398-6
eBook Packages: EngineeringEngineering (R0)