(Press-News.org) Updating passwords for all users of a company or institution’s internal computer systems is stressful and disruptive to both users and IT professionals. Many studies have looked at user struggles and password best practices. But very little research has been done to determine how a password update campaign can be conducted most efficiently and with minimal IT costs. Until now.
A team of computer scientists at the University of California San Diego partnered with the campus’ Information Technology Services to analyze the messaging for a campuswide mandatory password change impacting almost 10,000 faculty and staff members. The team found that email notifications to update passwords potentially yielded diminishing returns after three messages. They also found that a prompt to update passwords while users were trying to log in was effective for those who had ignored email reminders. Researchers also found that users whose jobs didn’t require much computer use struggled the most with the update.
To the team’s knowledge, it’s the first time an empirical analysis of a mandatory password update has been conducted at this large a scale and in the wild, rather than as part of a simulation or controlled experiment.
The research team hopes that lessons from their analysis will be helpful to IT professionals at other institutions and companies.
The team presented their work at ACSAC '23: Annual Computer Security Applications Conference in December 2023.
During the campaign, almost 10,000 faculty and staff at UC San Diego received four emails at about a weekly interval prompting them to change their single sign-on password. Users who still hadn’t changed their password even after receiving four emails then got a prompt to do so as they logged in.
The emails were clearly effective, leading between 5 and 15% of users to update their passwords during each wave of emails. However, even after four such email prompts, a quarter of users had not completed the update procedure.
The finding contradicts a previous study that found 98% of participants changed their passwords after receiving multiple email messages. But that study had a much smaller sample size.
Remarkably, 80% of the remaining users who hadn’t changed their passwords after the email campaign finally did so when they were prompted at log in.
“The active single sign on prompting was a big winner across the board,” said Ariana Mirian, the paper’s first author, who earned her Ph.D. in the UC San Diego Department of Computer Science and Engineering. “You managed to get people who are stubborn–and maybe not paying attention–to take action, and that’s huge.”
Researchers also noted that despite concerns from the campus, the campaign did not generate a significant increase in tickets to the IT help desk. Ticket volume did increase three to four times, but tickets related to the password update only represented 8% of all requests.
Not surprisingly, users that struggled the most work in areas where they’re not required to log in to their computers regularly, such as maintenance, recreation and dining services.
“Targeting such users earlier, or forgoing email reminders and using login intercepts from the start, or even using a different notification mechanism such as text messages, may be more effective,” the researchers write.
The research was funded in part by the National Science Foundation, the UC San Diego CSE postdoctoral fellows program, the Irwin Mark and Joel Klein Jacobs Chair in Information and Computer Science, and operational support from the UC San Diego Center for Networked Systems.
An Empirical Analysis of the Enterprise-Wide Mandatory Password Updates
Ariana Mirian, Grant Ho, Stefan Savage and Geoffrey M. Voelker, Department of Computer Science and Engineering, University of California San Diego
END
How to run a password update campaign efficiently and with minimal IT costs
2024-02-01
ELSE PRESS RELEASES FROM THIS DATE:
Five advances that could change heart health monitoring
2024-02-01
Chocolate valentines and candies with sweet sayings shouldn't be the only hearts you think about this February. It’s also American Heart Month, which puts a spotlight on cardiovascular health. According to the American Heart Association, heart disease is the leading cause of death for Americans, so it’s important to know the status of your own heart health. New methods for cardiac monitoring can be found in these five papers recently published in ACS journals. Reporters can request free access to these papers by emailing newsroom@acs.org.
Future ...
Gut bacteria can process dietary fiber into an anti-allergy weapon, finds new study
2024-02-01
The intricate relationship that exists between humans and the gut microbiome has become a hot research topic, and scientists are constantly uncovering new reasons why a healthy diet can lead to a healthier life. Dietary fibers are a particularly important aspect of this connection. When we ingest these compounds, which are mainly found in plant-based foods, our gut bacteria break them down into small molecules, called short-chain fatty acids (SCFAs). Over the past few years, studies have revealed various important anti-inflammatory and immunomodulating effects of SCFAs.
One of the ways SCFAs interact with ...
Insights from a phase II clinical trial with CL2020 Muse cell-based therapeutic for Amyotrophic lateral sclerosis
2024-02-01
Amyotrophic lateral sclerosis (ALS) is a neurodegenerative disease characterized by progressive loss of motor functions, which eventually leads to death within 5 years of its onset. This disease causes weakness and atrophy of limbs and other muscles, which affect mobility speech, eating, and even breathing in patients. Some drugs, including riluzole, edaravone, and sodium phenylbutyrate/taurursodiol are used for treating ALS, but with limited therapeutic benefits. Therefore, novel, effective ALS treatments are the need of the hour.
Multilineage-differentiating stress-enduring (Muse) cells are pluripotent stem cells ...
Increased temperature difference between day and night can affect all life on earth
2024-02-01
Researchers from Chalmers University of Technology, in Sweden, have discovered a change in what scientists already knew about global warming dynamics. It had been widely accepted since the 1950s that global temperature rises were not consistent throughout the day and night, with greater nighttime warming being observed. However, the recent study reveals a shift in dynamics: with greater daytime warming taking place since the 1990s. This shift means that the temperature difference between day and night is widening, potentially affecting all life on Earth.
The ...
Rice research unveils key dynamics of 2D nanomaterials with view to larger-scale production
2024-02-01
HOUSTON – (Feb. 1, 2024) – A team of Rice University researchers mapped out how flecks of 2D materials move in liquid ⎯ knowledge that could help scientists assemble macroscopic-scale materials with the same useful properties as their 2D counterparts.
“Two-dimensional nanomaterials are extremely thin ⎯ only several atoms thick ⎯ sheet-shaped materials,” said Utana Umezaki, a Rice graduate student who is a lead author on a study published in ACS Nano. “They behave very differently from materials we’re used to in daily life and can have really useful properties: They can withstand a lot of ...
CT scan is most effective to assess people with chest pain
2024-02-01
Previous studies have found less than 40% of patients with stable chest pain undergoing invasive coronary angiography are found to have obstructive coronary artery disease. Recent randomized clinical trials have demonstrated a benefit to using computed tomography angiography (CTA) first in evaluation of these patients, and a new study being presented at the American College of Cardiology Cardiovascular Summit lends credence to this strategy, finding that CT was associated with a higher likelihood of revascularization compared to other imaging modalities or no testing.
Stable angina ...
UMass Chan advances research into long COVID, chronic fatigue syndrome
2024-02-01
A study led by UMass Chan Medical School viral immunologists Liisa Selin, MD, PhD, and Anna Gil, PhD, discovered similarities in immune system dysfunction as a potential biomarker among people living with long COVID and myalgic encephalomyelitis/chronic fatigue syndrome (ME/CFS). The research also introduced a novel treatment and a method to track effective treatment interventions. The research was published online in Brain, Behavior & Immunity.
Dr. Selin, professor of pathology, ...
Black women with high blood pressure before age 35 may have triple the risk of a stroke
2024-02-01
Research Highlights:
Black women who develop high blood pressure before age 35 may have triple the odds of having a stroke, and those who develop high blood pressure before age 45 may have twice the risk of suffering a subsequent stroke.
The findings, from a study of 59,000 Black women in the U.S., are important for expanding high blood pressure screening and treatment in this high-risk population.
Researchers say health care professionals should be vigilant in high blood pressure screening and ...
Experiencing “stroke-like” symptoms may be more traumatic than an actual stroke
2024-02-01
Research Highlights:
One month after hospital evaluation for stroke-like symptoms, people whose symptoms were attributed to another condition were 3 times more likely to have increased risk of post-traumatic stress disorder (PTSD) than people diagnosed with a confirmed stroke.
Knowing that the experience of being evaluated for stroke can itself be traumatic may help health care professionals recognize PTSD symptoms and connect people quickly to the appropriate resources.
Embargoed until 4 a.m. CT/5 a.m. ET, Thursday, Feb. 1, 2024
DALLAS, Feb. 1, 2024 — People with so-called stroke mimics may be even more likely to develop post-traumatic stress ...
Lifetime exposure to sexual assault and other traumatic stress may harm stroke recovery
2024-02-01
Research Highlights:
Lifetime exposure to different types of traumatic events or stress appears to reduce the chances for optimal recovery after a stroke.
A review of health records for U.S. stroke survivors found that sexual assault was consistently linked to worse physical functioning and poorer cognitive recovery measurements one year after a stroke.
Embargoed until 4 a.m. CT/5 a.m. ET, Thursday, Feb. 1, 2024
DALLAS, Feb. 1, 2024 — Stressors and traumatic events experienced over the course of a lifetime may negatively impact subsequent stroke recovery; specifically, stroke survivors exposed to sexual assault at any point in their life had poorer physical functioning ...