IDEAS home Printed from https://ideas.repec.org/a/igg/jisp00/v15y2021i4p31-53.html
   My bibliography  Save this article

A Model to Improve Security Questions Through Individualized Assistance

Author

Listed:
  • Andrew Mangle

    (Bowie State University, USA)

  • Sandip Patel

    (Morgan State University (Retired), USA)

  • Sanjay Bapna

    (Morgan State University, USA)

  • XingXing Zu

    (Morgan State University, USA)

  • David Gurzick

    (Hood College, USA)

Abstract

Security questions are considered a viable alternative for secondary and supplementary authentication. Security questions are susceptible to three types of attacks: blind (brute force), focused guess (statistical), and observation (research/personal). This research outlines how informing users of potential security threats through a security meter may improve security with minimal impact on usability and trust. A security-question authentication model is proposed that builds on the strengths of security question responses, chiefly their ease of recall and higher entropy, while mitigating the core weaknesses of the model, which are the lack of uniform answers and public accessibility to answers. Users that were made aware of the entropy of their responses were more likely to provide stronger responses to the security questions without affecting the repeatability of the responses to the questions but negatively impacting the memorability.

Suggested Citation

  • Andrew Mangle & Sandip Patel & Sanjay Bapna & XingXing Zu & David Gurzick, 2021. "A Model to Improve Security Questions Through Individualized Assistance," International Journal of Information Security and Privacy (IJISP), IGI Global, vol. 15(4), pages 31-53, October.
    • Handle: RePEc:igg:jisp00:v:15:y:2021:i:4:p:31-53
    as

    Download full text from publisher

    File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISP.2021100103
    Download Restriction: no
    ---><---

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:jisp00:v:15:y:2021:i:4:p:31-53. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Journal Editor (email available below). General contact details of provider: https://www.igi-global.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.