
2014 | OriginalPaper | Chapter

“Technology Should Be Smarter Than This!”: A Vision for Overcoming the Great Authentication Fatigue

Author: M. Angela Sasse

Published in: Secure Data Management

Publisher: Springer International Publishing


Abstract

Security researchers identified 15 years ago that passwords create too much of a burden on users. But despite much research activity on alternative authentication mechanisms, there has been very little change for users in practice, and the implications for individual and organisational productivity are now severe. I argue that, rather than looking for alternative ‘front-end’ solutions, we must re-think the nature of authentication: we must drastically reduce the number of explicit authentication events users have to participate in, and use advanced technologies to implicitly authenticate users, without disrupting their productive activity.


Metadata

Title: “Technology Should Be Smarter Than This!”: A Vision for Overcoming the Great Authentication Fatigue
Author: M. Angela Sasse
Copyright Year: 2014
DOI: https://doi.org/10.1007/978-3-319-06811-4_7
