Human Factors Considerations for Passwords

Full Text: PDF icon Pdf (0.15 MB)
Document Number:
DOT/FAA/CT-05/20
Publication Date:
01-2005
Authors: Kenneth Allendoerfer, PhD.
Shantanu Pai

Allendoerfer, K. & Pai. S. (2005). Human factors considerations for passwords and other user identification techniques: Part 1: Literature review & analysis (DOT/FAA/CT-05/20). Atlantic City International Airport, NJ: Federal Aviation Administration William J. Hughes Technical Center.

Abstract

All users need proper authorization before they can access National Airspace System (NAS) equipment. Current systems employ a variety of user identification systems and techniques such as usernames, passwords, and smartcards. Current procedures and policies place a variety of sometimes contradictory requirements on the Technical Operations workforce. This report describes the human factors and usability issues faced in the use of these identification techniques. Issues include the number of passwords a user must remember, the frequency by which the passwords must be changed, the complexity of the passwords, and social issues like trust and accountability. This report discusses the human factors research literature examining these topics and makes recommendations for making passwords easier to use in general. The report also provides an analysis of ways in which NAS maintenance tasks and systems differ from the typical information technology environment studied in the literature. The report discusses ways that these differences may affect decisions regarding passwords and other user identification technology. Finally, the report proposes a study in which information will be gathered from field personnel to provide a more specific, targeted analysis of how passwords and other user identification techniques can be made simpler and more usable in the NAS.

Updated: May 04, 2012 11:21 AM