Usablesecurity

On PCI DSS v4 and Passwords

PCI DSS v4.0 & Passwords

Several years of research have shown that frequent password reset cycles hurt both the user and the security of the password [1,2]. Users tend to slightly modify the password rather than come up with a new one, for example changing MyPassword^ to MyPassword1^.

In addition, best practices suggest that passwords have a minimum of 12 characters and mix alphanumeric characters and special symbols. Imagine applying this rule to each of our accounts, since passwords shouldn’t be reused. Most users do not store their passwords in a password manager, which makes these recommendations a burden and a challenge for people.

...

Usable Security

Usable Security and Privacy

This post provides an overview of the relevance of usable security. I address two questions: what is usable security? And how is usable security relevant for practitioners?

I am very passionate about human-computer interaction (HCI) and cybersecurity. Thus, I decided to write this blog on a topic which is often overlooked by the cybersecurity community.

...