Improving information security management: An analysis of ID-password usage and a new login vulnerability measure

Youngsok Bang, Dong Joo Lee, Yoon Soo Bae, Jae Hyeon Ahn

Research output: Contribution to journalArticlepeer-review

29 Citations (Scopus)


Statistics show that the number of identity theft victims in the US increased by 12% in 2009, to 11.1 million adults, while the total annual fraud amount increased by 12.5%, to $54 billion. As the e-commerce volume is increasing and various online services are becoming more popular, the number of sites to which an average Internet user subscribes is increasing rapidly. Given the limited memory capacity of human beings, an Internet user's login credentials (in the form of a combination of a user ID and a password) are usually reused over multiple accounts, which can cause significant security problems. In this study, we address the vulnerability of login credentials. First, based on a unique Internet user data set, we analyze the behavioral characteristics of login credentials usage. We find that the same login credentials are used for many more accounts and reused much more often than previously expected. Furthermore, usage patterns are found to be quite skewed. Second, building on a network perspective of login credentials usage, we suggest a vulnerability measure of an individual's login credentials and analyze the vulnerability of current Internet users. The resulting information is valuable not only to the research community but also to managers and policy makers striving to reduce security vulnerability.

Original languageEnglish
Pages (from-to)409-418
Number of pages10
JournalInternational Journal of Information Management
Issue number5
Publication statusPublished - 2012 Oct

Bibliographical note

Funding Information:
This research was financially supported by Hansung University.

All Science Journal Classification (ASJC) codes

  • Management Information Systems
  • Information Systems
  • Computer Networks and Communications
  • Marketing
  • Information Systems and Management
  • Library and Information Sciences
  • Artificial Intelligence


Dive into the research topics of 'Improving information security management: An analysis of ID-password usage and a new login vulnerability measure'. Together they form a unique fingerprint.

Cite this