Analysis of end user security behaviors

Jeffrey M. Stanton, Kathryn R. Stam, Paul Mastrangelo, Jeffrey Jolton

Research output: Contribution to journalArticlepeer-review

494 Scopus citations


The method for making information security effective within an organizations by analyzing the end user security behavior was described. Many information security specialists believe that promoting good end user behaviors and constraining bad end user behavior provide one important method for making information security effective within organizations. It was observed that good password hygiene was related to training, awareness, monitoring, and motivation. The results suggest that six categories of end user security-related behaviors appeared to fit well on a two-dimensional map where one dimension captured the level of technical knowledge needed to enact the behavior and another dimension captured the intentionality of the behavior.

Original languageEnglish (US)
Pages (from-to)124-133
Number of pages10
JournalComputers and Security
Issue number2
StatePublished - Mar 2005


  • Behavioral information security
  • Computer security
  • Organizational management
  • Passwords
  • Surveys
  • User behavior

ASJC Scopus subject areas

  • General Computer Science
  • Law


Dive into the research topics of 'Analysis of end user security behaviors'. Together they form a unique fingerprint.

Cite this