Password Security & User Access: Is Human Negligence the Weakest Point in Accounting Information Systems

Ahmad Arif Aufar; Widanti Retno Palupi; Rina Tjandrakirana DP

doi:10.61536/escalate.v1i02.458

Authors

Ahmad Arif Aufar Sriwijaya University
Widanti Retno Palupi Sriwijaya University
Rina Tjandrakirana DP Sriwijaya University

DOI:

https://doi.org/10.61536/escalate.v1i02.458

Keywords:

Accounting Information Systems, Cybersecurity, Human Negligence, Password Management, SLR.

Abstract

Currently in the digital era, Accounting Information Systems play an important role in managing confidential financial data. This study evaluates whether human negligence is the main vulnerability in Accounting Information Systems compared to technical factors. Using the Systematic Literature Review method of several reputable national & international journals, it was found that human factors contribute up to 85% to data leaks. Major problems include poor password management, security fatigue, vulnerability to phishing, and internal access abuse. The results of the study confirm that advanced technologies such as encryption are often paralyzed due to user negligence. In conclusion, strengthening SIA security requires a holistic approach that integrates technical solutions such as Role-Based Access Control & Multi-Factor Authentication with cyber awareness training to mitigate the risk of user behavior as the system's weakest point.

Downloads

Download data is not yet available.

References

Abuiteiwi, A., & Santiago, E. (2025). Evaluating the human factor in cybersecurity threats (a Systematic Literature Review). SSRN. https://ssrn.com/abstract=5576064

Arliana, S. A., & Fatrizia, S. (2023). SLR: SPI & accounting fraud against data security in SIA in the age of big data. Journal of Accounting and Financial Research, 11(2), 45–58. https://doi.org/10.17509/jrak.v11i2.56781

Basha, A. M. (2025). Human factors in IoT security: Addressing user behavior and awareness. International Journal of Creative Research Thoughts (IJCRT), 13(7), 112–125. www.ijcrt.org

Daeli, I. S., Ramadhan, S., Nur, K., Laila, L., & Jaya, D. (2026). Cybersecurity strategies for accounting data protection: A systematic literature review 2021-2025. Land Journal, 7(1), 88–102. https://ejurnal.ulbi.ac.id/index.php/jurnalland

Dani, M. R., Simatupang, E. M., Anakampun, A., Pratiwi, Y., Natalia, D., Perangin-angin, R., & Darma, J. (2025). The role of accounting information systems in identifying and preventing fraud in the abuse of internal access of companies. Journal of Economics and Accounting Publications (JUPEA), 5(2), 145–158. https://doi.org/10.55606/jupea.v5i2.3876

Faridawati, S. A., Herdi, H., & Lamawitak, P. L. (2024). Analysis of the application of accounting information systems to improve the efficiency and financial security of MSMEs (Cafe Rindu Lokaria). Journal of Economics, Accounting, and Taxation, 1(4), 189–215. https://doi.org/10.61132/jeap.v1i4.443

Gemawaty, C. A., & Yuliani, Y. (2024). Identity & access management in information systems security (literature review approach). Journal of Informatics Management Jayakarta, 4(4), 396–403. https://doi.org/10.52362/jmijayakarta.v4i4.1527

Kafi, A., & Akter, N. (2023). Policy and practice reviews securing financial information in the digital realm: Case studies in cybersecurity for accounting data protection. Global Journal of Accounting and Economy Research, 4(1), 15–29.

Khoiriah, S., Salsabila, A., Camberra, D. D., Syafri, E., Layyin, H. L., Fathurrahman, R., & Marjohan, M. (2025). Security & privacy in digital finance. Journal of Information Systems and Business Management Publications, 4(2), 409–418. https://doi.org/10.55606/jupsim.v4i2.4524

Krause, A., Suray, J., Schmüser, L., Oltrogge, M., Wiese, O., Golla, M., & Fahl, S. (2025). An in-depth systematic analysis of the security, usability, and automation capabilities of password update processes on top-ranked websites. arXiv. http://arxiv.org/abs/2511.10111

Lailiyah, N., & Supranata, M. (2025). The role of accounting information systems in improving security through data encryption. Journal of Managerial Accounting (JAM), 10(1), 48–62. http://journal.uta45jakarta.ac.id/index.php/JAM/index

Lehenchuk, S. F., Vygivska, І. M., & Hryhorevska, O. O. (2022). Protection of accounting information in the conditions of cyber security. Problems of Theory and Methodology of Accounting, Control and Analysis, 2(52), 40–46. https://doi.org/10.26642/pbo-2022-2(52)-40-46

Mahmood, S., Chadhar, M., & Firmin, S. (2024). Addressing cybersecurity challenges in times of crisis: Extending the sociotechnical systems perspective. Applied Sciences (Switzerland), 14(24), 11610. https://doi.org/10.3390/app142411610

Makidong, S., & Putra, I. F. U. R. (2025). Web-based accounting information system for recording & financial management at the GPIBK Synod Office. Journal of Information Systems and Business Management Publications (JUPSIM), 4(3), 226–238. https://doi.org/10.55606/jupsim.v4i3.53573

Maulany, S. C., Meikhati, E., & Prastiwi, P. I. (2025). Integration of accounting information technology & accounting information system protection against cybersecurity accounting in the digital era. Tax Accounting and Digital Economy Policy, 2(3), 216–231. https://doi.org/10.61132/apke.v2i3.1429

Morić, Z., Dakić, V., Plećaš, M., & Biškupić, I. O. (2025). Evaluating end-user defensive approaches against phishing using education and simulated attacks in a Croatian university. Journal of Cybersecurity and Privacy, 5(3), 450–468. https://doi.org/10.3390/JCP5030038

Morshed, A., & Khrais, L. T. (2025). Cybersecurity in digital accounting systems: Challenges and solutions in the Arab Gulf region. Journal of Risk and Financial Management, 18(1), 41. https://doi.org/10.3390/jrfm18010041

Muchtar, A. M., Sari, R. V., & Santoso, S. H. (2024). Securing accounting information systems (AIS). KnE Social Sciences, 9(25), 112–126. https://doi.org/10.18502/kss.v9i25.16952

Nurwanah, A. (2024). Cybersecurity in accounting information systems: Challenges and solutions. Advances in Applied Accounting Research, 2(3), 157–168. https://doi.org/10.60079/aaar.v2i3.336

Nyarko-Boateng, O., Nti, I. K., Mensah, A. A., & Gyamfi, E. K. (2024). Controlling user access with scripting to mitigate cyber-attacks. Journal of Computer and Communications, 12(4), 101–115. https://doi.org/10.4236/jcc.2024.124008

Sanusi, I., Sanusi, A. R., Shamwill, A. K., Yinusa, S., & Iliyasu, R. (2025). Evaluation of cloud based computing in security accounting information system. World Journal of Advanced Research and Reviews, 25(3), 1073–1086. https://doi.org/10.30574/wjarr.2025.25.3.0734

Sayuthi. (2021). The concept of internal control for information system security. Scientific African, 17, e02355. https://doi.org/10.1016/j.sciaf.2024.e02355

Simanjuntak, H. E., Purba, H. C., Ginting, J. T. B., Aruan, P. A., Panjaitan, R. J. N., & Darma, J. (2025). Security of accounting information systems in the digital age: Concept & implementation. Indo-MathEdu Intellectuals Journal, 6(2), 2695–2705. https://doi.org/10.54373/imeij.v6i2.2950

Simatangkir, D. W. E., Afifah, E. F. N., & Nafiza, S. F. (2025). Cybersecurity in banking as well as challenges & solutions in the digital era. Journal of Management Informatics and Accounting (JMIA), 2(1), 33–42. https://doi.org/10.61722/jmia.v2i1.3119

Triplett, W. J. (2022). Addressing human factors in cybersecurity leadership. Journal of Cybersecurity and Privacy, 2(3), 573–586. https://doi.org/10.3390/jcp2030029

Yeng, P. K., Fauzi, M. A., & Yang, B. (2022). A comprehensive assessment of human factors in cyber security compliance toward enhancing the security practice of healthcare staff in paperless hospitals. Information (Switzerland), 13(7), 335. https://doi.org/10.3390/info13070335