Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.1.187

Factors that Affect the Intention of Password Security Behavior  

Lee, Dong-Hee (Chungbuk National University/Cybersecurity Economics Research Institute(CERI))
Kim, Tae-Sung (Chungbuk National University/Cybersecurity Economics Research Institute(CERI))
Jun, Hyo-Jung (Chungbuk National University/Cybersecurity Economics Research Institute(CERI))
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.1, 2018 , pp. 187-198 More about this Journal
Abstract
Recently, financial transactions and electronic commerce in cyberspace are being performed more quickly and conveniently, with the development in diverse types of fintech and biometric authentication. But user authentication using passwords still occupies a big proportion even in these new services. therefore, safe creation and management of passwords is fundamental and indispensable to protect personal information and asset. This study examined the patterns of password usage by conducting a survey and analyzed factors influencing password security behavior intentions using the heath belief model. As a result, perceived susceptibility, perceived severity, perceived benefits, and perceived barriers significantly affected security behavior intentions, and especially, perceived severity had a moderating effect in other factors.
Keywords
Password; Security behavior intention; Health belief model;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Stanton, J. M., Stam, K. R., Mastrangelo, P., and Jolton, J. "Analysis of end user security behaviors," Computers & Security, vol. 24 no. 2 pp. 124-133, 2005.   DOI
2 Guo, K. H.. "Security-related behavior in using information systems in the workplace: A review and synthesis," Computers & Security, vol. 32, no.1, pp. 242-251, 2013.   DOI
3 Zviran, M., and Haga, W. J. "Password security: an empirical study," Journal of Management Information Systems, vol. 15, no. 4, 161-185, 1999.   DOI
4 Vu, K. P. L., Proctor, R. W., Bhargav-Spantzel, A., Tai, B. L. B., Cook, J., and Schultz, E. E. "Improving password security and memorability to protect personal and organizational information," International Journal of Human-Computer Studies, vol. 65, no. 8, pp. 744-757, 2007.   DOI
5 Ives, B., Walsh, K. R., and Schneider, H. "The domino effect of password reuse," Communications of the ACM, vol. 47, no. 4, pp. 75-78, 2004.   DOI
6 Adams, A., and Sasse, M. A. "Users are not the enemy," Communications of the ACM, vol. 42, no. 12, pp. 40-46, 1999.
7 Yan, J., Blackwell, A., Anderson, R., and Grant, A. "Password memorability and security: Empirical results," IEEE Security & Privacy, vol. 2, no. 5, pp. 25-31, 2004.   DOI
8 Workman, M., Bommer, W. H., and Straub, D. "Security lapses and the omission of information security measures: A threat control model and empirical test," Computers in Human Behavior, vol. 24, no. 6, pp. 2799-2816, 2008.   DOI
9 Ifinedo, P.. "Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory," Computers & Security, vol. 31, no. 1, pp. 83-95, 2012.   DOI
10 Lee Byung-Kwan, Oh Hyun Jung, Shin Kyung Ah, & Ko Chae Young. "The effect of media campaign as a cue to action on influenza prevention behavior: extending health belief model," The Korean Journal of Advertising and Public Relations, vol. 10, no. 4, pp. 108-138, 2008.
11 Nunnally, J. C., Bernstein, I. H., & Berge, J. M. T. Psychometric Theory (Vol. 226). New York: McGraw-Hill, 1967.
12 Rosenstock, I. M., Strecher, V. J., and Becker, M. H. "The health belief model and HIV risk behavior change," In Preventing AIDS (pp. 5-24). Springer US. 1994.
13 Janz, N. K., and Becker, M. H.. "The health belief model: A decade later," Health Education & Behavior, vol. 11, no. 1, pp. 1-47, 1984.   DOI
14 Bagozzi, R. P., & Yi, Y. "On the evaluation of structural equation models," Journal of the Academy of Marketing Science, vol. 16, no. 1, pp. 74-94, 1988.   DOI
15 Fornell, C., & Larcker, D. F. "Evaluating structural equation models with unobservable variables and measurement error," Journal of Marketing Research, vol. 18, no. 1, pp. 39-50, 1981,   DOI
16 Chin, W. W., "The partial least squares approach to structural equation modeling," Modern Methods for Business Research, vol. 295, no. 2, pp. 295-336, 1998.
17 Bum Suk Jee, Liu Fan, Sang Chul Lee, and Yung Ho Suh, "Personal information protection behavior for information quality: health psychology theory perspectives," Journal of The Korean Society for Quality Management, vol. 39, no. 3, pp. 432-443, 2011.
18 Falk, R. F., & Miller, N. B. "A Primer for Soft Modeling," University of Akron Press, 1992.
19 Chin, W. W., Marcolin, B. L., & Newsted, P. R. "A partial least squares latent variable modeling approach for measuring interaction effects: Results from a Monte Carlo simulation study and an electronic mail emotion/adoption study," Information Systems Research, vol. 14, no. 2, pp. 189-217, 2003.   DOI
20 Cohen, J., "A power primer," Psychological Bulletin, vol. 112, no. 1, pp. 155, 1992.   DOI
21 Ng, B. Y., Kankanhalli, A., and Xu, Y. C. "Studying users' computer security behavior: A health belief perspective," Decision Support Systems, vol. 46 no.4, pp. 815-825, 2009.   DOI
22 Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R., "Future directions for behavioral information security research," Computers & Security, vol. 32, pp. 90-101, 2013.   DOI
23 Korea internet and Security Agency. "Survey on Internet Utilization in 2015," 2015.
24 Korea internet and Security Agency, "A Survey on Internet Economic Activities in 2015," 2015.
25 Korea Communications Commission & Korea internet and Security Agency. "Password Selection and Use Guide," 2010.
26 Weirich, D., and Sasse, M. A. "Pretty good persuasion: a first step towards effective password security in the real world," Proceedings of the 2001 Workshop on New Security Paradigms pp. 137-143. ACM, Sep. 2001.
27 Liang, H., & Xue, Y. "Understanding security behaviors in personal computer usage: A threat avoidance perspective," Journal of the Association for Information Systems, vol. 11, no. 7, pp. 394, 2010.   DOI