Research Article Open Access

Evaluating Password Behavior at a Small University

Mohammed Awad1, Zakaria Al-Qudah1, Sahar Idwan2 and Abdul Halim Jallad3
  • 1 American University of Ras Al Khaimah, United Arab Emirates
  • 2 Hashemite University, Jordan
  • 3 Yarmouk University, Jordan
Journal of Computer Science
Volume 15 No. 1, 2019, 1-9

DOI: https://doi.org/10.3844/jcssp.2019.1.9

Submitted On: 30 June 2018 Published On: 4 January 2019

How to Cite: Awad, M., Al-Qudah, Z., Idwan, S. & Jallad, A. H. (2019). Evaluating Password Behavior at a Small University. Journal of Computer Science, 15(1), 1-9. https://doi.org/10.3844/jcssp.2019.1.9

Abstract

No matter how sophisticated an organization’s security system is, it remains vulnerable due to the human factor. In this study, we surveyed and analyzed the patterns practiced by users when generating passwords at a small-sized university. We found that users are not as aware of security requirements and practices as they think. Moreover, the vast majority of users’ passwords are breakable within days or shorter. Interestingly, we found that the use of numbers and uppercase letters is prevalent among users. However, numbers are mostly used at the end of the passwords and uppercase letters are mostly used at the beginning of passwords. The existence of such trends makes it easier for attackers to generate more effective dictionaries. Based on the analysis in this study, we make recommendations to the IT department to improve the password policy. Additionally, we provide recommendations to the faculty, staff, and students on how to strengthen their passwords.

  • 1,358 Views
  • 4,092 Downloads
  • 1 Citations

Download

Keywords

  • Password
  • Security
  • Strength
  • Awareness
  • Vulnerability