'Despite technological advances, humans remain the weakest link in Internet security' [1], this weakness is typically characterised in one of two domains. First, systems may not enable humans to interface securely, or the security mechanisms themselves are unusable or difficult to use effectively. Second, there may be something fundamental about the behaviour of some people which leads them to become vulnerable. This paper examines the links between perceptions of risk associated with online tasks and password choice. We also explore the degrees to which the said perceptions of risk differ according to whether the password user is a security expert or not, and whether they have experienced some form of attack.
展开▼