Common nonsense about password security and the expert-layperson knowledge gap

Frischmann, Brett; Johnson, Alexandria

Permalink

https://hdl.handle.net/2142/117212 Copy

Description

Title

Common nonsense about password security and the expert-layperson knowledge gap

Author(s)

• Frischmann, Brett
• Johnson, Alexandria

Issue Date

2024

Keyword(s)

• Passwords
• Computer security
• Common sense
• Nonsense
• Best practices

Abstract

Lay people often are misinformed about what is a secure password, what are the various types of security threats to passwords or password-protected resources, and the risks of certain compromising practices such as reusing passwords and required password expiration. Expert knowledge about password security has evolved considerably over time, but on many points, research supports general agreement among experts about best practices. Remarkably, though perhaps not surprisingly, there is a sizable gap between what experts agree on and what lay people believe and do. The knowledge gap might exist and persist because of intermediaries, namely professionals and practitioners as well as technological interfaces such as password meters and composition rules. In this chapter, we identify knowledge commons governance dilemmas that arise within and between different communities (expert, professional, lay) and examine implications for other everyday misinformation problems.

Publisher

Cambridge University Press

Series/Report Name or Number

Cambridge Studies on Governing Knowledge Commons

Type of Resource

text

Language

en

Sponsor(s)/Grant Number(s)

• NSF: SES
• Divn Of Social and Economic Sciences
• #2017495

Owning Collections