Abstract
Organizations worldwide are revisiting the design of their password policies. This is partly motivated by the security and usability limitations of user-generated passwords. While research on password policies has been ongoing, this has taken place in the Global North. Accordingly, little is known about the strengths and weaknesses of password policies deployed in the Global South, especially Africa. As such, this study researched password policies deployed on South African websites. Password policies of thirty frequently visited websites belonging to South African organizations were analyzed. Our observations show diverse password requirements. Even though the desire for strong passwords is the dominant motivator of complex password policies, South African organizations often adopt obsolete measures for attaining password security. The ten most common passwords in the literature were considered acceptable on most sites. In addition, some sites did not explicitly display password requirements and only a few sites adopted measures for providing real-time feedback and effective guidance during password generation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
