Volume 4

V4 N2 Pages 52-62

August 2011


Password Security Risk versus Effort: An Exploratory Study on User-Perceived Risk and the Intention to Use Online Applications


Judith Gebauer
University of North Carolina Wilmington
Wilmington, NC 28403, USA

Douglas M Kline
University of North Carolina Wilmington
Wilmington, NC 28403, USA

Ling He
Saginaw Valley State University
University Center, MI 48710, USA

Abstract: In the current paper, we present the results of a study that explored the relationship between user-perceived security risk of online applications and the efforts associated with password use. Based on data that were collected from undergraduate students and analyzed using the Partial Least Square (PLS) method, we found that the reactions of users to efforts related with password strength differed from the reactions to efforts related with frequency of required password change. In general, long and complicated passwords appear to be more acceptable than passwords that need to be changed very often, in particular for applications that users perceive to be of high risk. The results of our study should be of interest to practitioners who need to balance organizational needs with individual user behavior when developing effective security strategies, and to researchers who are interested in the conceptualization of fit-variables.

Keywords: online applications, user-perceptions, Security, risk, password strategy, fit, empirical study, PLS-analysis

Download this article: JISAR - V4 N2 Page 52.pdf


Recommended Citation: Gebauer, J., Kline, D. M., He, L. (2011). Password Security Risk versus Effort: An Exploratory Study on User-Perceived Risk and the Intention to Use Online Applications . Journal of Information Systems Applied Research, 4(2) pp 52-62. http://jisar.org/2011-4/ ISSN: 1946-1836. (A preliminary version appears in The Proceedings of CONISAR 2010)