Article

Nudging folks towards stronger password choices: providing certainty is the key


Abstract

Persuading people to choose strong passwords is challenging. One way to influence password strength, as and when people are making the choice, is to tweak the choice architecture to encourage stronger choice. A variety of choice architecture manipulations (i.e. ‘nudges’) have been trialled by researchers with a view to strengthening the overall password profile. None has made much of a difference so far. Here, we report on our design of an influential behavioural intervention tailored to the password choice context: a hybrid nudge that significantly prompted stronger passwords. We carried out three longitudinal studies to analyse the efficacy of a range of ‘nudges’ by manipulating the password choice architecture of an actual university web application. The first and second studies tested the efficacy of several simple visual framing ‘nudges’. Password strength did not budge. The third study tested expiration dates directly linked to password strength. This manipulation delivered a positive result: significantly longer and stronger passwords. Our main conclusion was that the final successful nudge provided participants with absolute certainty as to the benefit of a stronger password and that it was this certainty that made the difference.
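The third intervention described in the abstract, a password lifetime that depends on the strength of the chosen password, is the one part of this page with a concrete mechanism behind it. The code below is an added example, not code from the Renaud and Zimmermann study, that implements its shape: estimate the strength of a candidate password, map it to an expiry date, and tell the user at choice time exactly what a stronger password would earn (the "certainty" the abstract attributes the effect to). The strength estimator, the tier boundaries in bits and the lifetimes in days are assumptions made here for illustration; the paper does not publish its mapping, and the common-password list is constructed. One caveat a practitioner will want: current guidance (NIST SP 800-63B) advises against routine forced rotation unless there is evidence of compromise, so expiry here is the reward schedule the study tested, not a recommended baseline policy.

```python
"""Strength-linked password expiry as a hybrid nudge.

Added example, not code from the Renaud and Zimmermann study. The strength
estimator, the tier boundaries (bits) and the lifetimes (days) are assumptions
made here for illustration.
"""
from __future__ import annotations

import math
import re
from dataclasses import dataclass
from datetime import date, timedelta

# Constructed sample of very common passwords (assumption). A real deployment
# would check a breached-password corpus instead.
COMMON_PASSWORDS = frozenset(
    {"password", "123456", "qwerty", "letmein", "1qaz1qaz", "iloveyou"}
)

# Assumed tiers, strongest first: (minimum estimated bits, lifetime in days, label).
EXPIRY_TIERS = (
    (60.0, 365, "strong"),
    (40.0, 180, "moderate"),
    (0.0, 30, "weak"),
)


def estimate_bits(password: str) -> float:
    """Crude guessing-entropy estimate: length * log2(alphabet size), with
    penalties for a dictionary hit, a doubled half ("abcabc") and long runs.
    A stand-in for a real estimator such as zxcvbn, not a substitute for one."""
    if not password or password.lower() in COMMON_PASSWORDS:
        return 0.0
    alphabet = 0
    if re.search(r"[a-z]", password):
        alphabet += 26
    if re.search(r"[A-Z]", password):
        alphabet += 26
    if re.search(r"[0-9]", password):
        alphabet += 10
    if re.search(r"[^A-Za-z0-9]", password):
        alphabet += 33  # printable ASCII punctuation
    bits = len(password) * math.log2(alphabet)
    half = len(password) // 2
    if len(password) % 2 == 0 and password[:half] == password[half:]:
        bits /= 2  # the repeated half adds nothing an attacker cannot predict
    if re.search(r"(.)\1{3,}", password):
        bits -= 10  # runs such as "aaaa"
    return max(bits, 0.0)


@dataclass(frozen=True)
class ExpiryDecision:
    bits: float
    tier: str
    lifetime_days: int
    expires_on: date
    message: str


def tier_for(bits: float) -> tuple[float, int, str]:
    """Return the first (strongest) tier whose threshold the estimate reaches."""
    for tier in EXPIRY_TIERS:
        if bits >= tier[0]:
            return tier
    return EXPIRY_TIERS[-1]


def decide_expiry(password: str, today: date) -> ExpiryDecision:
    """Map a candidate password to an expiry date and to the message shown at
    password-choice time. The message states the benefit with certainty: the
    exact lifetime now, and the exact lifetime a stronger password would earn."""
    bits = estimate_bits(password)
    _min_bits, days, label = tier_for(bits)
    expires_on = today + timedelta(days=days)
    _best_bits, best_days, best_label = EXPIRY_TIERS[0]
    if label == best_label:
        message = (f"Your password is rated {label} and will be valid for "
                   f"{days} days, until {expires_on.isoformat()}.")
    else:
        message = (f"Your password is rated {label} and will expire on "
                   f"{expires_on.isoformat()} ({days} days). A {best_label} "
                   f"password would stay valid for {best_days} days.")
    return ExpiryDecision(bits, label, days, expires_on, message)


if __name__ == "__main__":
    today = date(2024, 1, 1)  # fixed date so the output is reproducible
    for candidate in ("1qaz1qaz", "summer2024", "Tr0ub4dor&3"):
        print(decide_expiry(candidate, today).message)
```

The message is the nudge itself: it names the lifetime the user gets now and the lifetime the top tier would give, so the trade-off is certain rather than implied by a coloured bar. Swapping `estimate_bits` for a real estimator leaves the rest of the flow unchanged.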


... Nevertheless, some research has shown that training is ineffective (Bada et al., 2019;Ferguson, 2005;Lorenz et al., 2013;Notoatmodjo & Thomborson, 2009;Riley, 2006). Recent research has explored the use of nudges (i.e., indirect suggestion) to improve cybersecurity practices (Guo et al., 2020;Li, 2016;Peer et al., 2020;Renaud & Zimmermann, 2019;Seitz et al., 2016). The aim of the present research was to investigate whether nudging messages may increase the likelihood that adults create strong passwords and the factors related to strong password practices. ...
... A growing number of researchers are taking a new approach to cybersecurity, which involves using nudges, which refers to indirect suggestions to influence behavior, to increase the use of secure behaviors (Egelman et al., 2013;Guo et al., 2020;Kankane et al., 2018;Peer et al., 2020;Renaud & Zimmermann, 2019;Vance et al., 2013). Thaler and Sunstein (2009) first described nudging as a method of influencing choice behavior (c.f., Hansen, 2015). ...
... However, some researchers have found nudging to be ineffective (Rayner & Lang, 2011). In recent years, there have been several studies investigating whether nudging can affect cybersecurity behaviors, including the use of stronger passwords (Egelman et al., 2013;Guo et al., 2020;Renaud & Zimmermann, 2019;Vance et al., 2013). In a series of studies, Renaud and Zimmermann (2019) tested the effectiveness of nudges design to strengthen users' passwords. ...
Article
Full-text available
The use of strong passwords is viewed as a recommended cybersecurity practice, as the hacking of weak passwords has led to major cybersecurity breaches. The present research investigated whether nudging with messages based on participants’ self-schemas could lead them to create stronger passwords. We modeled our study on prior health-related research demonstrating positive results using messages based on self-schema categories (i.e., True Colors categories: compassionate, loyal, intellectual, and adventurous). We carried out two online studies, one with 256 (185 women, 66 men, 5 other) undergraduates and one with 424 (240 men, 179 women, 5 other) Amazon Mechanical Turk (MTurk) workers, in which we randomly assigned participants to receive messages that matched or mismatched their self-schema. We also investigated whether differences across the Big Five personality traits, secure password knowledge, attitudes and behavior, need for cognition, and general risk-taking predicted the strength of passwords that participants created during the study. Multiple individual difference variables predicted password strength (i.e., conscientiousness, emotional stability, need for cognition, self-reported secure password knowledge, attitude, and behavior, and general risk-taking). MTurk workers had higher levels of cybersecurity knowledge and created stronger passwords than college students. The nudging messages did not lead to stronger passwords. Implications for strategies to increase the use of secure passwords are discussed.
... However, people still prefer System 2 for nudges, as it maintains people's agency (Sunstein, 2016). Interestingly, Renaud and Zimmermann (2019) put this to the test where they nudged people to create a strong password by using just visual cues or adding an expiration reminder for the password. These nudges were created to ensure that the participants try to secure their online accounts. ...
... The effectiveness of reminders (which mostly work by activating System 2 thinking) could be linked with this rationale. Our results are supported by the findings of Renaud and Zimmermann (2019) who found that adding a reminder of the urgency to create a strong password (along with visual cues to create one, i.e., long dachshund, pair of eyes) led more people to make strong passwords. However, as noted by Renaud and Zimmermann (2019), it was difficult to assess each variable's effect individually. ...
... Our results are supported by the findings of Renaud and Zimmermann (2019) who found that adding a reminder of the urgency to create a strong password (along with visual cues to create one, i.e., long dachshund, pair of eyes) led more people to make strong passwords. However, as noted by Renaud and Zimmermann (2019), it was difficult to assess each variable's effect individually. We can conclude in this study that, amidst the strong cultural habit and uncertainty caused by the pandemic, the intention to Mudik could be reduced by using multiple nudge tools and the combined thinking of both systems. ...
Article
Mudik is a unique exodus in Indonesia where people travel to their hometowns during the Eid festive season. It posed a challenge for the government in coping with the COVID-19 pandemic. Several reports have identified that people still stick with their plans to Mudik despite the latest Mudik ban. Thus, a scientific nudge campaign is pivotal to influencing Mudik behaviour. The present study designed and tested five visual campaigns to identify key elements that can reduce Mudik intention. A pre-post field experiment with six between-subject groups designed on Qualtrics collected 767 responses measuring intention to Mudik. We asked participants about their respective Mudik ban institution in anticipation of the latest nation-wide Mudik ban. The mother visual and the lethal-virus-for-the-elderly reminder were each sufficient to reduce Mudik intention. The treatment effect holds for participants in certain conditions. The study yielded an initially working nudge campaign to support the government's Mudik ban policy.
... The field of human-centred cybersecurity aims to support people in behaving more securely [30,73,87], or in adopting measures to preserve their privacy while online [24]. For example, one cybersecurity-related study trialled a number of nudges to identify the one that would encourage stronger passwords [73]. ...
... The field of human-centred cybersecurity aims to support people in behaving more securely [30,73,87], or in adopting measures to preserve their privacy while online [24]. For example, one cybersecurity-related study trialled a number of nudges to identify the one that would encourage stronger passwords [73]. A privacy-related nudge attempted to persuade people to choose the most secure WiFi to connect to [85]. ...
... For example, Ur et al. varied the design of the feedback bar [88] and provided textual feedback based on the user's actual input [87], Vance et al. [89] used fear appeals to increase the users' motivation, and Dupuis and Khan [30] as well as Ohyama and Kanaoka [59] made use of social influence to increase password strength. Renaud and Zimmermann deployed a number of images to encourage users to choose stronger passwords, e.g., a pair of watching eyes to activate social norms or an image of a long sausage dog to make the association between password length and strength more salient [73]. Apart from text-based passwords, von Zezschwitz et al. [90] even applied nudging to graphical passwords. ...
Article
Nudging is a promising approach, in terms of influencing people to make advisable choices in a range of domains, including cybersecurity. However, the processes underlying the concept and the nudge’s effectiveness in different contexts, and in the long term, are still poorly understood. Our research thus first reviewed the nudge concept and differentiated it from other interventions before applying it to the cybersecurity area. We then carried out an empirical study to assess the effectiveness of three different nudge-related interventions on four types of cybersecurity-specific decisions. Our study demonstrated that the combination of a simple nudge and information provision, termed a “hybrid nudge,” was at least as, and in some decision contexts even more effective in encouraging secure choices as the simple nudge on its own. This indicates that the inclusion of information when deploying a nudge, thereby increasing the intervention’s transparency, does not necessarily diminish its effectiveness. A follow-up study explored the educational and long-term impact of our tested nudge interventions to encourage secure choices. The results indicate that the impact of the initial nudges, of all kinds, did not endure. We conclude by discussing our findings and their implications for research and practice.
... The results indicate that financial rewards and punishments increase security-compliant behavior. In further user studies, Renaud and Zimmermann [20] found that nudges can enable users to choose stronger passwords, and Golla et al. [10] demonstrated that nudges can increase the use of two-factor authentication. In summary, prior research either investigated the topic from a purely theoretical viewpoint or only focused on specific motivational factors (such as employees' competence) or specific aspects of security compliance. ...
... An example is the choice default nudge. By suggesting strong passwords or enabling two-factor authentication by default, employees could be nudged into security compliance, as identified by Renaud and Zimmermann [20] and Golla et al. [10]. Such measures of combining the security guidelines with practical, user-friendly solutions can increase the willingness of employees to behave in a security-compliant manner. ...
Conference Paper
Full-text available
Cyberattacks pose a persistent threat to organizations worldwide. These attacks often target employees as entry points to organizational systems through tactics like phishing and credential theft. Recognizing employees as an organization's "last line of defense", motivating employees toward security-compliant behavior becomes paramount. While existing literature investigates theoretical frameworks for enhancing individuals' motivation, studies regarding their practical implementation within organizational contexts remain scarce. This paper seeks to address this research gap by exploring how organizations motivate and incentivize security-compliant behavior among employees in Germany. We conducted semi-structured interviews with 18 participants from diverse organizational backgrounds, illuminating the topic from three perspectives: executive managers, security specialists, and regular employees. Utilizing a classification derived from existing literature, we examine our findings to identify which motivational strategies are currently implemented effectively within organizational contexts. On this basis, we offer a set of actionable recommendations on how organizations can enhance and complement existing motivational strategies.
... Furthermore, service providers often misuse password meters, implementing them in a way that weakens the final password [39]. One possible explanation for password-meter limitations is that they fall short in nudging users to change their passwords to stronger ones [52,35]. More interventional approaches, such as providing guidance and detailed explanations to users [21,59], had cumulative positive effects on password strength. ...
[Figure 1, caption only: A step-by-step flow of the DPAR user experience, assuming the user initially chose the password "1qaz1qaz"]
... Nudging approaches do not explicitly impose strict policies on users but rather reflect the concept of nudging in behavioral economics to help users make better decisions when creating passwords. Renaud and Zimmermann [52] found that a simple textual feedback nudge did not significantly impact password strength. However, adding an incentive in the form of a more extended expiration date for a stronger password resulted in more robust passwords. ...
Preprint
Full-text available
Passwords are the primary authentication method online, but even with password policies and meters, users still find it hard to create strong and memorable passwords. In this paper, we propose DPAR: a Data-driven PAssword Recommendation system based on a dataset of 905 million leaked passwords. DPAR generates password recommendations by analyzing the user's given password and suggesting specific tweaks that would make it stronger while still keeping it memorable and similar to the original password. We conducted two studies to evaluate our approach: verifying the memorability of generated passwords (n=317), and evaluating the strength and recall of DPAR recommendations against password meters (n=441). In a randomized experiment, we show that DPAR increased password strength by 34.8 bits on average and did not significantly affect the ability to recall their password. Furthermore, 36.6% of users accepted DPAR's recommendations verbatim. We discuss our findings and their implications for enhancing password management with recommendation systems.
... In three of the cases, we furthermore additionally increased the salience of the information. In these cases, we implemented a hybrid nudging approach, which has been shown to be effective in the past in Renaud and Zimmermann (2019). Several other types of nudges from the literature could be applied as well. ...
... In the offline setting, Van Gestel et al. (2018) for example replicated the "food positioning nudge" mentioned in Thaler and Sunstein (2008), and they observed that re-positioning the food options had a measurable effect on food choices after several weeks. In the online world, Renaud and Zimmermann (2019) found that a hybrid nudge led to stronger password choices in a study that ran over a full year. Independent of the use of digital nudging, longitudinal studies of the effects of recommender systems on users are rare. ...
Article
Full-text available
In many application domains of recommender systems, e.g., on media streaming sites, one main goal of the provider of the recommendation service is to increase the engagement of users by helping them discover new types of content they like. Standard collaborative filtering algorithms by design often lead to a certain level of discovery. Nonetheless, in certain domains, it may be helpful to more actively promote content to users beyond their past preference profile (“off-profile”) and thereby help users explore new content. However, when showing such off-profile content to users in combination with more familiar content, the new content items may be overlooked. In this research, we explore to what extent digital nudging, i.e., subtly directing user choices in a specific direction, can help to raise the attention and interest of users for off-profile content. We conducted a user study (N=1064) on a real-world social book recommendation app. We find that users who are nudged towards recommended books of their non-preferred genres significantly more often put these off-profile books on their reading lists, thus confirming the effectiveness of digital nudging in this application. However, we also found that digital nudges may negatively impact the users’ beliefs and attitudes towards the system and a more limited intention to use the system in the future. As a result, we find that digital nudging in recommendations, while effective in the short run, must be done with due care, keeping an eye on the overall quality perceptions by users and potentially harmful long-term effects.
... Nudges have been successfully applied in a large range of physical contexts such as encouraging healthy nutrition [60], organ donation [104], or physical activity [102]. In addition, nudging has found its way into the digital and cyber space, including password creation [78,46], WiFi selection [101], and privacy-friendly app choices [12]. An example is that of using a position effect to make people choose a secure WiFi option in a public place such as an airport. ...
... Exemplary strategies following that approach are educational approaches aiming to increase knowledge and awareness, persuasive technologies that foster the active interaction with the user, or nudges that aim to encourage certain choices without limiting the choice set. In terms of nudges, research suggests that transparent "hybrid nudges", i. e., the combination of nudges with information provision, may be especially favorable due to the enhanced transparency of the intervention [78]. ...
Article
Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers —capable of producing and consuming electricity—who can adjust their electricity profile dynamically (i. e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.
... Several research papers have shown no reliable positive effects on password strength [69]. However, one online study with more than 2000 participants showed that passwords composed with the help of password meters were more secure and harder to guess than those that did not use password meters [112]. Dupuis and Khan [113] proposed a new visualization for meters based on peer feedback. ...
Article
Full-text available
A sustainable online environment is essential to protecting businesses from abuse and data breaches. To protect sustainability, websites’ authentication procedures should continuously keep up with new technologies and the ways in which these technologies are used. Thus, a continuous assessment of these authentication procedures is required to ensure their usability. This research aimed to compare the status of the sign-up, sign-in, and password recovery processes on 20 websites. The researcher checked every website in a separate session and used the “think-aloud” technique while recording the screen to ensure accurate data analysis. Specific items were checked during every session to detect the similarities and differences between the tested websites in their authentication processes. The results led to valuable discussions and recommendations for improving authentication procedures. Some of these recommendations include best practices for better design of password rules, determining when two-factor authentication should be compulsory, and understanding how to improve password reset processes and keep accounts secure.
... However, if the designers of authentication systems had information about how to better guide older people through strong password creation, older people would be able to deal with these systems more easily. In addition, it is not just older people who have difficulties creating strong passwords; this is a widespread problem, with many people making weak passwords [11]. Thus, creating systems that clearly and simply help people make stronger passwords would be a beneficial exercise in universal design. ...
Chapter
As vital services are moving increasingly online, it is important that everyone, including older people, can access them. Both high risk and many low risk online services require password authentication. Although there has been some research proposing easier to use and remember password systems, there is surprisingly little research on what problems older people have with real world authentication systems. This research conducted an online survey with 61 Chinese older people and 75 British older people about what problems they have in creating and managing passwords. There were differences between the samples of older people in the two countries in creating passwords, but few differences between the two samples in managing passwords. There were many problems in creating passwords, but not as many in terms of managing them. In particular, remembering passwords was not a particular concern, which may surprise many researchers who assume older people would have memory problems. The results have implications for where future research on password authentication for older users should be focussed.
... Although there is a large body of research work aiming at discovering how users select their web account passwords to log in to websites, Wi-Fi passwords have not been investigated by the security research community. That is, the related work focuses on several aspects of password security that fall into seven broad categories: (i) Design and evaluation of password strength meters [5,6]; (ii) Efficient password guessing (cracking) attacks [7,8]; (iii) Analysis of leaked password composition and distribution [9,10]; (iv) Usability studies of password managers [11,12]; (v) Impact of gender, culture and personality on password choices [13,14]; (vi) Nudging (i.e., indirect suggestions) to influence behavior towards secure password choices [15,16]; and (vii) Password policies [17,18]. Despite the rich and sheer volume of password security studies, to the best of our knowledge there is no work that examines Wi-Fi passwords. ...
Article
Passwords remain the most common method of authentication in computers and networks. Thus, passwords have been the prime targets of attackers, and the number of data breaches in the last few years proves the high value of passwords. A detailed analysis of such data can provide insight on password trends and patterns users follow when they create a password. While there is a wealth of research investigating online password choices, to the best of our knowledge, there are no studies specifically designed to capture user behavior towards Wi-Fi passwords. In this paper, we perform a large-scale analysis of Wi-Fi passwords categorizing them as public Wi-Fi passwords created for Wi-Fi hotspots and private Wi-Fi passwords created for private/home Wi-Fi installations. First, we analyze public Wi-Fi passwords by collecting and analyzing a corpus of more than one million passwords of Wi-Fi hotspots. The aim of the analysis of public Wi-Fi passwords is to reveal password characteristics and compare them against web account passwords, to discover similarities and differences between them. While comparing the collected dataset with a set of popular leaked web password databases, several similarities between them can be identified, despite the fact that these password categories serve different purposes. Secondly, we explore through an online survey, the characteristics of passwords in private/home Wi-Fi installations. The aim is to give greater insight into private Wi-Fi password selection of users and highlight password trends when it comes to context, length, strength and architecture. Results reveal that users follow several poor security practices when selecting their private Wi-Fi passwords and tend to underestimate their importance with regards to their security and privacy. To the best of the authors’ knowledge, this is the first work to examine Wi-Fi passwords characteristics and shed light on how users choose them in terms of structure and composition.
... [5,14,24,26,28,31,42,43]). For instance, Zimmermann and Renaud [44] evaluated nudges and hybrid nudges including information provision for different contexts in cybersecurity (e.g., password creation and choice of public WiFi). They found that for some contexts hybrid nudges were even more effective than a simple nudge, complementing a previous study on hybrid nudges [35]. However, in other cases, nudges in cybersecurity are often not as effective as desired, because they are mostly designed for the average user, showing one-size-fits-all nudges [9,19] and neglecting public attitude towards nudging in the design process, even though nudging "strongly relies on voluntary compliance [and] public attitude towards specific nudges" [29]. ...
... Using rewards: Other research mentions that habits are composed of cues, behavior and also rewards. Renaud et al. [77], for example, have created an intervention in which they used longer-lasting passwords as a reward for using a strong password. For this intervention they used a three-part approach, consisting of a simple nudge, the incentive and a reminder. ...
Conference Paper
Full-text available
Security awareness is big business: virtually every organization in the Western world provides some form of awareness or training, mostly bought from external vendors. However, studies and industry reports show that these programs have little to no effect in terms of changing the security behavior of employees. We explain the conditions that enable behavior change, and identify one significant blocker in the implementation phase: not disabling existing (insecure) routines, a failure to take out the trash, prevents embedding of new (secure) routines. Organizational Psychology offers the paradigm Intentional Forgetting (IF) and associated tools for replacing old (insecure) behaviors with new (secure) ones by identifying and eliminating different cues (sensoric, routine-based, time and space based as well as situational strength cues) that trigger old behavior. We introduce the underlying theory, examples of successful application in safety contexts, and show how its application leads to effective behavior change by reducing the information that needs to be transmitted to employees, and suppressing obsolete routines.
... For example, non-adherence to cybersecurity policies is primarily caused by habits and cognitive biases concerning the reality of the risk (Sommestad, Karlzén, & Hallberg, 2019). However, nudges that influence the threat appraisal alone (e.g., pop-up warnings and framing of the risk) are not enough; a sense of ownership of what is under attack is crucial for a successful intervention (Briggs, Jeske, & Coventry, 2017; Renaud & Zimmermann, 2019). In fact, several studies have shown that employees who feel part of the workplace community (i.e., high social cohesion) are more likely to adhere to safety rules (e.g., Kwok, Harris, & McLaws, 2017; Leach, 2003). ...
Chapter
Full-text available
This chapter discusses the role of the choice environment in decisions that are made in the workplace, and particularly how companies can influence these decisions with the help of nudges. Nudges are changes in the way choices are presented to gently steer towards the desirable choice, without impairing autonomous decision-making or changing financial incentives. This chapter provides examples of field studies that demonstrate how nudges can help stimulate employees to make healthier choices (e.g., stand-up working and healthy eating), support companies in reaching sustainability goals (e.g., energy-saving default settings), and uphold existing rules in a company (e.g., related to safety and hygiene). Concrete guidelines are provided to implement and study the effectiveness of nudge interventions. After reading this chapter, researchers and companies will know about both the possibilities and the limitations of implementing nudging (research) in the workplace.
... For instance, nudging has been successfully applied in both physical and cyber contexts, by encouraging people to make healthy food choices, or by guiding them to generate stronger passwords [21,22]. Furthermore, nudging was also successfully applied to encourage people to reduce their overall electricity consumption [23]. However, while using nudging techniques may reduce the amount of domain knowledge required, other challenges remain. ...
Article
Full-text available
The transition of energy grids toward future smart grids is challenging in every way: politically, economically, legally, and technically. While many aspects progress at a velocity unthinkable a generation ago, one aspect remained mostly dormant: human electricity consumers. The involvement of consumers thus far can be summarized by two questions: “Should I buy the eco-friendly appliance? Will solar pay off for me?” However, social and psychological aspects of consumers can profoundly contribute to resilient smart grids. This vision paper explores the role of active consumer-producers (prosumers) in the resilient operation of smart energy grids. We investigate how data can empower people to become more involved in energy grid operations, the potential of heightened awareness, mechanisms for incentives, and other tools for enhancing prosumer actions toward resilience. We further explore the potential benefits to people and system when people are active, aware participants in the goals and operation of the system.
... Following this work, another form of image presentation was devised and studied: revealing the image starting from the least salient parts, and showing the most salient parts last [22]. Other forms of nudging a user towards more secure choices during password creation have also been successfully employed in grid-based graphical passwords [39] and traditional text passwords [32]. Despite the interest in priming techniques for user authentication, many questions remain open for the initial image presentation approach [36]: (1) How do these techniques affect usability? ...
Preprint
Full-text available
Recent work suggests that a type of nudge or priming technique called the 'presentation effect' may potentially improve the security of Passpoints-style graphical passwords. These nudges attempt to prime or non-intrusively bias user password choices (i.e., point selections) by gradually revealing a background image from a particular edge to another edge at password creation time. We conduct a large-scale user study (n=865) to develop further insights into the presence of this effect and to perform the first evaluations of its usability and security impacts. Our usability analyses indicate that these priming techniques do not harm usability. Our security analyses reveal that the priming techniques measurably alter the security of graphical passwords; however, this effect is dependent on the combination of both the image and priming techniques used.
... By this, CHBS and Insertion fit newer and more nuanced definitions of nudges (Hansen, 2016). Even though other password nudges exist (e.g., Renaud & Zimmermann, 2019), we focused on this selected sub-set of password nudges to examine how they could be personalized by assigning different users to different password nudges. ...
... Complexity requirements are not enforced [149] to improve memorability. Employees are not forced to change passwords to reduce the memory burden [150]. Furthermore, free password manager subscriptions are issued to all staff. ...
Article
Cybersecurity has gained prominence, with a number of widely publicised security incidents, hacking attacks and data breaches reaching the news over the last few years. The escalation in the numbers of cyber incidents shows no sign of abating, and it seems appropriate to take a look at the way cybersecurity is conceptualised and to consider whether there is a need for a mindset change. To consider this question, we applied a “problematization” approach to assess current conceptualisations of the cybersecurity problem by government, industry and hackers. Our analysis revealed that individual human actors, in a variety of roles, are generally considered to be “a problem”. We also discovered that deployed solutions primarily focus on preventing adverse events by building resistance: i.e. implementing new security layers and policies that control humans and constrain their problematic behaviours. In essence, this treats all humans in the system as if they might well be malicious actors, and the solutions are designed to prevent their ill-advised behaviours. Given the continuing incidences of data breaches and successful hacks, it seems wise to rethink the status quo approach, which we refer to as “Cybersecurity, Currently”. In particular, we suggest that there is a need to reconsider the core assumptions and characterisations of the well-intentioned human's role in the cybersecurity socio-technical system. Treating everyone as a problem does not seem to work, given the current cyber security landscape. Benefiting from research in other fields, we propose a new mindset i.e. “Cybersecurity, Differently”. This approach rests on recognition of the fact that the problem is actually the high complexity, interconnectedness and emergent qualities of socio-technical systems. The “differently” mindset acknowledges the well-intentioned human's ability to be an important contributor to organisational cybersecurity, as well as their potential to be “part of the solution” rather than “the problem”. In essence, this new approach initially treats all humans in the system as if they are well-intentioned. The focus is on enhancing factors that contribute to positive outcomes and resilience. We conclude by proposing a set of key principles and, with the help of a prototypical fictional organisation, consider how this mindset could enhance and improve cybersecurity across the socio-technical system.
... Password Managers: Alphanumeric passwords have great potential for strength but fail in the hands of heterogeneous users from all walks of life, because people choose weak passwords. Some solutions attempt to encourage stronger password choice [12]. Others suggest alternatives such as graphical passwords [13] or biometrics [14]. ...
... As the field has come to realize that knowledge, on its own, is not the silver bullet in achieving behavior change, there have been attempts to manipulate the choice architecture to nudge people towards stronger passwords [51,144]. While these manipulations show promise, they do not help us to understand the underlying reasons for reluctance to embrace stronger password choice routines. ...
Article
The endowment effect is the term used to describe a phenomenon that manifests as a reluctance to relinquish owned artifacts, even when a viable or better substitute is offered. It has been confirmed by multiple studies when it comes to ownership of physical artifacts. If computer users also “own” and are attached to, their personal security routines, such feelings could conceivably activate the same endowment effect. This would, in turn, lead to their over-estimating the “value” of their existing routines, in terms of the protection they afford, and the risks they mitigate. They might well, as a consequence, not countenance any efforts to persuade them to adopt a more secure routine, because their comparison of pre-existing and proposed new routine is skewed by the activation of the endowment effect. In this paper, we report on an investigation into the possibility that the endowment effect activates when people adopt personal password creation routines. We did indeed find evidence that the endowment effect is likely to be triggered in this context. This constitutes one explanation for the failure of many security awareness drives to improve password strength. We conclude by suggesting directions for future research to confirm our findings, and to investigate the activation of the effect for other security routines.
... Rather, modern authentication systems require a lot of sophistication in password-generation, demanding that users create more and more complex passwords which they struggle to remember. Hence, users tend to store passwords in insecure Excel sheets, write them down on paper, and use the same passwords for multiple accounts (see Renaud and De Angeli, 2004; Renaud, 2005; Renaud and Zimmermann, 2018 for an extensive discussion of these issues). ...
Preprint
Full-text available
This paper proposes a new Cyber Domain-Specific Risk Taking (CyberDoSpeRT) scale which aims to measure individual risk taking and risk perception towards cyber risks across 5 different dimensions. To test and validate the scale, we recruit representative samples of populations from two countries (US and UK). We show that the US population tends to exhibit higher levels of risk taking in cyberspace than the UK population. Using the CyberDoSpeRT scale, we identify 4 behavioral types in each population: Relaxed (high risk taking – low risk perception); Anxious (low risk taking – high risk perception); Opportunistic (high risk taking – high risk perception); and Ignorant (low risk taking – low risk perception). We show that cross-cultural differences between the US and the UK can be explained by a higher relative concentration of Relaxed types in the US and a higher relative concentration of Anxious types in the UK. Identified types are highly correlated with individuals’ ability to accurately recognize cyber threats, suggesting that information about cybersecurity risks should be tailored to different behavioral types when businesses design cybersecurity awareness campaigns.
Article
Deceptive techniques known as dark patterns specifically target online users. Children are particularly vulnerable as they might lack the skills to recognise and resist these deceptive attempts. To be effective, interventions to forewarn and forearm should build on a comprehensive understanding of children’s existing mental models. To this end, we carried out a study with 11-12 year old Scottish children to reveal their mental models of dark patterns. They were acutely aware of online deception, referring to deployers as being ‘up to no good’. Yet, they were overly vigilant and construed worst-case outcomes, with even a benign warning triggering suspicion. We recommend that rather than focusing on specific instances of dark patterns in awareness raising, interventions should prioritise improving children’s understanding of the characteristics of, and the motivations behind, deceptive online techniques. By so doing, we can help them to develop a more robust defence against these deceptive practices.
Article
Purpose This article surveys why libraries are vulnerable to social engineering attacks and how to manage risks of human-caused cyber threats on organizational level; investigates Estonian library staff awareness of information security and shares recommendations concerning focus areas that should be given more attention in the future. Design/methodology/approach The data used in this paper is based on an overview of relevant literature highlighting the theoretical points and giving the reasons why human factor is considered the weakest link in information security and cyber security and studying how to mitigate the related risks in the organisation. To perform the survey, a web questionnaire was designed which included 63 sentences and was developed based on the knowledge-attitude-behaviour (KAB) model supported by Kruger and Kearney and Human Aspects of Information Security Questionnaire (HAIS-Q) designed by Parsons et al . Findings The research results show that the information security awareness of library employees is at a good level; however, awareness in two focus areas needs special attention and should be improved. The output of this study is the mapping of seven focus areas of information security policy in libraries based on the HAIS-Q framework and the KAB model. Originality/value The cyber awareness of library employees has not been studied in the world using HAIS-Q and KAB model, and to the best of the authors’ knowledge, no research has been previously carried out in the Estonian library context into cyber security awareness.
Chapter
No longer limited to the factory hall, automation and digitization increasingly change, complement, and replace the human workplace also in the sphere of knowledge work. Technology offers the possibility of creating economically rational, autonomously acting software—the machina economica. This complements human beings who are far from being a rational homo economicus and whose behavior is biased and prone to errors. This includes behaviors that lack responsibility and sustainability. Insights from behavioral economics suggest that in the modern workplace, humans who team up with a variety of digital assistants can improve their decision-making to achieve more corporate social responsibility. Equipped with artificial intelligence (AI), machina economica can nudge human behavior to arrive at more desirable outcomes. Following the idea of augmented human-centered management (AHCM), this chapter outlines underlying mechanisms, opportunities, and threats of AI-based digital nudging.
Article
Full-text available
In this article, we highlight current research directions in the Technikpsychologie research area, using the example of the interdisciplinary research work of FAI (Work and Engineering Psychology Research Group at the Technical University of Darmstadt) and the articles included in this special issue. To this end, we relate the articles in this special issue from the research areas of road traffic planning (Hupfer et al.), usable IT security and privacy solutions (Renaud), social aspects of technically mediated communication (Diefenbach), human-centered interface design (Mucha et al.), aviation safety (Santel), human-centered design of autonomous vehicles (Lindner & Stoll), and perceptual psychology-oriented product design (Zandi & Khanh) to current research projects at FAI. Practical Relevance Technical products only offer added value by efficiently supporting users in achieving their goals if they have been developed appropriately for the context of use and the individual characteristics of the users. The human-centered design of—especially technical—products reflects this through an iterative and participatory development process. In this article, we describe nine examples of such human-centered design of technology products. The research results and the methods presented provide insights for developers and decision-makers in the fields of transportation, IT, vehicle development and general product design.
Chapter
Persuasive techniques and persuasive technologies have been suggested as a means to improve user cybersecurity behaviour, but there have been few quantitative studies in this area. In this paper, we present a large scale evaluation of persuasive messages designed to encourage University staff to complete security training. Persuasive messages were based on Cialdini’s principles of persuasion, randomly assigned, and transmitted by email. The training was real, and the messages sent constituted the real campaign to motivate users during the study period. We observed statistically significant variations, but with mild effect sizes, in participant responses to the persuasive messages. ‘Unity’ persuasive messages that had increased emphasis on the collaborative role of individual users as part of an organisation-wide team effort towards cybersecurity were more effective compared to ‘Authority’ messages that had increased emphasis on a mandatory obligation of users imposed by a hierarchical authority. Participant and organisational factors also appear to impact upon participant responses. The study suggests that the use of messages emphasising different principles of persuasion may have different levels of effectiveness in encouraging users to take particular security actions. In particular, it suggests that the use of social capital, in the form of increased emphasis of ‘unity’, may be more effective than increased emphasis of ‘authority’. These findings motivate further studies of how the use of Social capital may be beneficial for encouraging individuals to adopt similar positive security behaviours.
Conference Paper
Recently, there has been research on what factors influence a user's password setting practices, which include various types of emotions such as anger, risk-taking tendencies, etc. However, research has shown that factors such as memorability and perceived memorability have a greater influence on password choice. Some recent research has shown a negative correlation between the perceived memorability and the perceived security of passwords, particularly passphrases (that are technically more secure). However, it is unclear whether this effect can be extended to groups with good experiences with digital spaces (IT professionals, entrepreneurs, etc.). Furthermore, it has not been determined whether random, uncommonly-worded, or complex structure passphrases would also maintain the correlation, as opposed to relatively less secure, common/simple passphrases. This study examines this problem using a diverse demographic and different categories of passphrases.
Chapter
Full-text available
Research in service robotics strives at having a positive impact on people’s quality of life by the introduction of robotic helpers for everyday activities. From this ambition arises the need of enabling natural communication between robots and ordinary people. For this reason, Human-Robot Interaction (HRI) is an extensively investigated topic, exceeding language-based exchange of information, to include all the relevant facets of communication. Each aspect of communication (e.g. hearing, sight, touch) comes with its own peculiar strengths and limits, thus they are often combined to improve robustness and naturalness. In this contribution, an HRI framework is presented, based on pointing gestures as the preferred interaction strategy. Pointing gestures are selected as they are an innate behavior to direct another's attention, and thus could represent a natural way to require a service from a robot. To complement the visual information, the user could be prompted to give voice commands to resolve ambiguities and prevent the execution of unintended actions. The two-layer (perceptive and semantic) architecture of the proposed HRI system is described. The perceptive layer is responsible for object mapping, action detection, and assessment of the indicated direction. Moreover, it has to listen to users’ voice commands. To avoid privacy issues and not burden the computational resources of the robot, the interaction would be triggered by a wake-word detection system. The semantic layer receives the information processed by the perceptive layer and determines which actions are available for the selected object. The decision is based on the object’s characteristics and contextual information, and user vocal feedback is exploited to resolve ambiguities. A pilot implementation of the semantic layer is detailed, and qualitative results are shown. The preliminary findings on the validity of the proposed system, as well as on the limitations of a purely vision-based approach, are discussed.
Chapter
Additive Manufacturing (AM) techniques have attracted great interest in sectors with high benefit such as Medtech. The AM of continuous fiber reinforced composite is a technology that, although still in its initial development, appears to be very promising. The AM process could be particularly interesting for the production of prosthetic devices for sports (ESAR devices such as foot or foil). In this work, the potential of additive manufacturing in the field of lower-limb prosthetics is explored through a multidisciplinary approach, involving several competences from clinical evaluation, integration of biomechanics, development of new composite and hybrid materials based on polymers, carbon fibres and metal inserts, and implementation of optical sensors with their integration in the composites for the continuous monitoring of prosthetic devices and their durability.
Article
Supporting users with secure password creation is a well-explored yet unresolved research topic. A promising intervention is the password meter, i.e. providing feedback on the user's password strength as and when it is created. However, findings related to the password meter's effectiveness are varied. An extensive literature review revealed that, besides password feedback, effective password meters often include: (a) feedback nudges to encourage stronger password choices and (b) additional guidance. A between-subjects study was carried out with 645 participants to test nine variations of password meters with different types of feedback nudges exploiting various heuristics and norms. This study explored differences in resulting passwords: (1) actual strength, (2) memorability, and (3) user perceptions. The study revealed that password feedback, in combination with a feedback nudge and additional guidance, labelled a hybrid password meter, was generally more efficacious than either intervention on its own, on all three metrics. Yet, the type of feedback nudge targeting either the person, the password creation task, or the social context, did not seem to matter much. The meters were nearly equally efficacious. Future work should explore the long-term effects of hybrid password meters in real-life settings to confirm the external validity of these findings.
Chapter
In this chapter we discuss the way in which businesses currently address existing cybersecurity risks. Specifically, we distinguish between the Canvas approach (“patching with frameworks and architectures”), the Technology-driven approach (“patching with technology”) and the Human-centered approach (“patching with people”). We discuss the pros and cons of each approach and analyze their related tools and methods.
Article
Nudging folks towards stronger password choices: providing certainty is the key – CORRIGENDUM - KAREN RENAUD, VERENA ZIMMERMANN
Article
There has recently been an upsurge of interest in the deployment of behavioural economics techniques in the information security and privacy domain. In this paper, we consider the nature of one particular intervention, the nudge, and the way it exercises its influence. We contemplate the ethical ramifications of nudging, in its broadest sense, deriving general principles for ethical nudging from the literature. We extrapolate these principles to the deployment of nudging in information security and privacy. Furthermore, we explain how researchers can use these guidelines to ensure that they satisfy the ethical requirements during nudge trials in information security and privacy. Our guidelines also provide guidance to ethics review boards that are required to evaluate nudge-related research.
Conference Paper
Full-text available
We present a similarity metric for Android unlock patterns to quantify the effective password space of user-defined gestures. Our metric is the first of its kind to reflect that users choose patterns based on human intuition and interest in geometric properties of the resulting shapes. Applying our metric to a dataset of 506 user-defined patterns reveals very similar shapes that only differ by simple geometric transformations such as rotation. This shrinks the effective password space by 66% and allows informed guessing attacks. Consequently, we present an approach to subtly nudge users to create more diverse patterns by showing background images and animations during pattern creation. Results from a user study (n = 496) show that applying such countermeasures can significantly increase pattern diversity. We conclude with implications for pattern choices and the design of enrollment processes.
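The abstract above reports that many user-chosen unlock patterns differ only by a simple geometric transformation such as rotation, which shrinks the effective pattern space. The following Python is an added illustration, not the authors' metric: it canonicalises a pattern on the 3x3 grid under the eight symmetries of the square (rotations and mirrors, an assumed transformation set) and counts the resulting equivalence classes over a constructed sample of patterns. Cells are numbered 0..8 row by row; the Android rule that a stroke must visit intermediate cells is not checked here.

```python
"""Canonicalising unlock patterns under rotation and reflection (added illustration).

Cells of the 3x3 grid are numbered 0..8 row by row. A pattern is a tuple of
distinct cells. Two patterns that differ only by a symmetry of the square are
put in one class; the number of classes is the effective space an attacker who
exploits such regularities has to cover. The symmetry set is an assumption.
"""


def _cell(r, c):
    return 3 * r + c


def _rc(i):
    return divmod(i, 3)


# The 8 symmetries of the square, acting on (row, col) of a 3x3 grid.
SYMMETRIES = [
    lambda r, c: (r, c),            # identity
    lambda r, c: (c, 2 - r),        # rotate 90 degrees
    lambda r, c: (2 - r, 2 - c),    # rotate 180 degrees
    lambda r, c: (2 - c, r),        # rotate 270 degrees
    lambda r, c: (r, 2 - c),        # mirror left-right
    lambda r, c: (2 - r, c),        # mirror top-bottom
    lambda r, c: (c, r),            # mirror across the main diagonal
    lambda r, c: (2 - c, 2 - r),    # mirror across the anti-diagonal
]


def transform(pattern, sym):
    """Apply one symmetry to every cell of the pattern, keeping stroke order."""
    return tuple(_cell(*sym(*_rc(i))) for i in pattern)


def canonical(pattern):
    """Lexicographically smallest image of the pattern under all symmetries."""
    return min(transform(pattern, s) for s in SYMMETRIES)


def equivalent(a, b):
    """True if b is a rotation or mirror image of a."""
    return canonical(a) == canonical(b)


def effective_space(patterns):
    """(number of classes, fraction by which the distinct-pattern count shrinks)."""
    classes = {canonical(p) for p in patterns}
    distinct = len(set(patterns))
    return len(classes), 1 - len(classes) / distinct


# Constructed sample of "user-chosen" patterns: an L in four orientations,
# and a Z together with its mirror image.
SAMPLE = [
    (0, 3, 6, 7, 8),          # L: down the left column, then along the bottom
    (2, 5, 8, 7, 6),          # L mirrored left-right
    (6, 3, 0, 1, 2),          # L mirrored top-bottom
    (8, 5, 2, 1, 0),          # L rotated 180 degrees
    (0, 1, 2, 4, 6, 7, 8),    # Z
    (2, 1, 0, 4, 8, 7, 6),    # Z mirrored left-right
]

if __name__ == "__main__":
    n, shrink = effective_space(SAMPLE)
    print(f"{len(set(SAMPLE))} distinct patterns collapse to {n} classes "
          f"({shrink:.0%} reduction)")
```

On the constructed sample the six distinct patterns collapse to two classes, a two-thirds reduction; the paper's 66% figure on real data comes from its own metric, which also weighs other geometric properties, so this block only reproduces the mechanism, not the measurement.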
Article
Full-text available
It is a well known fact that user-chosen passwords are somewhat predictable: by using tools such as dictionaries or probabilistic models, attackers and password recovery tools can drastically reduce the number of attempts needed to guess a password. Quite surprisingly, however, existing literature does not provide a satisfying answer to the following question: given a number of guesses, what is the probability that a state-of-the-art attacker will be able to break a password? To answer the former question, we compare and evaluate the effectiveness of currently known attacks using various datasets of known passwords. We find that a "diminishing returns" principle applies: in the absence of an enforced password strength policy, weak passwords are common; on the other hand, as the attack goes on, the probability that a guess will succeed decreases by orders of magnitude. Even extremely powerful attackers won't be able to guess a substantial percentage of the passwords. The result of this work will help in evaluating the security of authentication means based on user-chosen passwords, and our methodology for estimating password strength can be used as a basis for creating more effective proactive password checkers for users and security auditing tools for administrators.
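The question the abstract above poses, the probability that an attacker succeeds within a given number of guesses, is easiest to see on a frequency-ordered guess list. The Python below is an added illustration, not the authors' methodology: it takes a constructed, tiny "leaked" password list, orders guesses by frequency (the simplest probabilistic attacker), and computes the cumulative success curve, the marginal gain of the k-th guess that shows the diminishing returns, and the guess rank of a candidate password as a proactive-checker metric. Real datasets have millions of entries and stronger guessers; the shape of the curve is the point.

```python
"""Success probability after k guesses on a frequency-ordered attack (added illustration).

LEAKED is a constructed sample standing in for a leaked password list; the
attacker guesses the most frequent passwords first. Fractions are computed
from integer counts at each step so the curve is exact.
"""
from collections import Counter

# Constructed sample: 100 accounts, six popular passwords plus 13 unique ones.
LEAKED = (["123456"] * 40 + ["password"] * 25 + ["qwerty"] * 10
          + ["letmein"] * 5 + ["dragon"] * 4 + ["iloveyou"] * 3
          + [f"unique{i}" for i in range(13)])


def guess_order(samples):
    """Attacker's optimal order against this distribution: most frequent first."""
    return [pw for pw, _ in Counter(samples).most_common()]


def success_curve(samples):
    """Cumulative fraction of accounts broken after k guesses, for k = 1..n."""
    total = len(samples)
    broken = 0
    curve = []
    for _, count in Counter(samples).most_common():
        broken += count
        curve.append(broken / total)
    return curve


def guesses_needed(samples, target_fraction):
    """Smallest k whose cumulative success reaches target_fraction, or None."""
    for k, frac in enumerate(success_curve(samples), start=1):
        if frac >= target_fraction:
            return k
    return None


def marginal_gain(samples, k):
    """Probability that guess number k (1-based) succeeds: the diminishing return."""
    curve = success_curve(samples)
    if k < 1 or k > len(curve):
        return 0.0
    previous = curve[k - 2] if k >= 2 else 0.0
    return curve[k - 1] - previous


def guess_rank(samples, candidate):
    """Position of candidate in the attacker's order (a proactive-checker metric),
    or None if the attacker's list never reaches it."""
    order = guess_order(samples)
    return order.index(candidate) + 1 if candidate in order else None


if __name__ == "__main__":
    for k in (1, 2, 4, 9, 19):
        print(f"after {k:2d} guesses: {success_curve(LEAKED)[k - 1]:.2f} broken, "
              f"guess {k} alone gained {marginal_gain(LEAKED, k):.2f}")
    print("rank of 'qwerty':", guess_rank(LEAKED, "qwerty"))
```

The first guess alone breaks 40% of the sample accounts; by the seventh guess each additional attempt gains 1%, which is the diminishing-returns shape the abstract describes. A proactive checker built on this idea rejects a candidate whose guess rank falls below some threshold, rather than scoring its character composition.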
Article
Full-text available
In recent years the concepts of 'nudge' and 'libertarian paternalism' have become popular theoretical as well as practical concepts inside as well as outside academia. But in spite of the widespread interest, confusion reigns as to what exactly is to be regarded as a nudge and how the underlying approach to behaviour change relates to libertarian paternalism. This article sets out to improve the clarity and value of the definition of nudge by reconciling it with its theoretical foundations in behavioural economics. In doing so it not only explicates the relationship between nudges and libertarian paternalism, but also clarifies how nudges relate to incentives and information, and may even be consistent with the removal of certain types of choices. In the end we are left with a revised definition of the concept of nudge that allows for consistently categorising behaviour change interventions as such and that places them relative to libertarian paternalism.
Article
Full-text available
Merging insights from the intergroup relations literature and terror management theory, the authors conducted an experiment in which they assessed the impact of death-related thoughts on a series of ingroup measures. Participants in the mortality-salience condition displayed stronger ingroup identification, perceived greater ingroup entitativity, and scored higher on ingroup bias measures. Also, perceived ingroup entitativity as well as ingroup identification mediated the effect of the mortality salience manipulation on ingroup bias. The findings are discussed in relation to theories of intergroup relations and terror management theory. A new perspective on the function of group belonging also is presented.
Conference Paper
Full-text available
We present results from an online experiment with the goal of nudging users towards stronger passwords. We explored the effect of suggesting different variations and constellations of passwords during password selection. In particular, we investigated whether the decoy effect can be applied here: When people face a choice between two options, adding a third, unfavorable option can influence their decision making process. As a usage scenario, we constructed a choice architecture for password generators that followed this decoy pattern and compared their effect regarding usability and security. While a previous study indicated positive results, we received mixed results regarding the feasibility of the decoy effect. Based on our study, we can however propose concepts to improve persuasive approaches to nudge users towards stronger password strategies.
Patent
Full-text available
Password aging based on the strength of the password provides an incentive for users to generate and/or memorize more complex passwords. The strength of the password is computed from a formula that relates the length of the password and the types of characters contained in the password to a strength value, which can be performed using a lookup table having values for different characteristics of the password, determining partial strength values corresponding to the ranges in which the characteristics fall, and then adding the partial strength values. Alternatively, a separate password strength application may be used to provide the strength value, which is entered by the user or administrator generating a new password. Alternatively, the password may be generated based on a specified desired expiration period, with the strength computation performed to ensure that the strength is sufficient to merit the desired expiration period.
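The patent abstract above describes the mechanism behind the successful nudge in the main paper: a strength value summed from lookup-table partial scores for length and character classes, mapped to an expiration period, plus the reverse check that a password is strong enough to merit a requested expiry. The Python below is an added illustration of that mechanism, not the patent's code; every table value, threshold and expiry period in it is an assumed figure for demonstration.

```python
"""Strength-dependent password expiry (added illustration).

Strength is the sum of partial values from two lookup tables, one over length
ranges and one over the character classes present, as the patent abstract
describes. The expiry table turns that strength into a period in days. All
numbers here are assumptions chosen for illustration.
"""
import string
from datetime import date, timedelta

# Assumed length table: (lower, upper inclusive) -> partial strength.
LENGTH_TABLE = [((0, 7), 0), ((8, 11), 10), ((12, 15), 20), ((16, 999), 30)]

# Assumed partial strength awarded for each character class present.
CLASS_TABLE = {
    "lower": (set(string.ascii_lowercase), 5),
    "upper": (set(string.ascii_uppercase), 10),
    "digit": (set(string.digits), 10),
    "symbol": (set(string.punctuation), 15),
}

# Assumed mapping from minimum strength to expiry period in days; weaker
# passwords expire sooner, which is the incentive the patent relies on.
EXPIRY_TABLE = [(0, 30), (25, 90), (45, 180), (60, 365)]


def partial_length_strength(length):
    """Partial strength for the length range the password falls into."""
    for (lo, hi), value in LENGTH_TABLE:
        if lo <= length <= hi:
            return value
    return 0


def password_strength(password):
    """Sum of the partial strength values for length and character classes."""
    present = set(password)
    total = partial_length_strength(len(password))
    for charset, value in CLASS_TABLE.values():
        if present & charset:
            total += value
    return total


def expiry_days(strength):
    """Longest expiry period whose strength threshold the password meets."""
    days = EXPIRY_TABLE[0][1]
    for threshold, period in EXPIRY_TABLE:
        if strength >= threshold:
            days = period
    return days


def expiry_date(password, created_iso):
    """ISO date on which a password created on created_iso expires."""
    created = date.fromisoformat(created_iso)
    return (created + timedelta(days=expiry_days(password_strength(password)))).isoformat()


def meets_desired_expiry(password, desired_days):
    """The reverse check from the abstract: is the password strong enough to
    merit the expiry period the user or administrator asked for?"""
    return expiry_days(password_strength(password)) >= desired_days


if __name__ == "__main__":
    for pw in ("password", "Passw0rd!", "correct horse battery staple"):
        print(f"{pw!r}: strength {password_strength(pw)}, "
              f"expires {expiry_date(pw, '2024-01-01')}")
```

Note what this kind of table scoring cannot see: "Passw0rd!" earns a 180-day expiry here because it ticks every character-class box, yet it is a dictionary word with a common substitution and sits near the top of any real guess list. Pairing the expiry incentive with a guess-resistance estimate rather than composition counting closes that gap; the incentive structure is unchanged either way.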
Article
Full-text available
The objective of information system security management is information assurance: to maintain confidentiality (privacy), integrity, and availability of information resources for authorized organizational end users. User authentication is a foundation procedure in the overall pursuit of these objectives, and password procedures have historically been the primary method of user authentication. There is an inverse relationship between the level of security provided by a password procedure and ease of recall for users. The longer the password and the more variability in its characters, the higher the level of security provided by such a password (because they are more difficult to violate or “crack”). However, such passwords tend to be more difficult for end users to remember, particularly when the password does not spell a recognizable word (or includes non-alphanumeric characters such as punctuation marks or other symbols). Conversely, when end users select their own more easily remembered passwords, the passwords may also be easier to crack. This study presents a new approach to entering passwords, which combines a high level of security with easy recall for the end user. The Check-Off Password System (COPS) is more secure than self-selected passwords as well as high-protection, assigned-password procedures. The present study investigates trade-offs between using COPS and three traditional password procedures, and provides a preliminary assessment of the efficacy of COPS. The study offers evidence that COPS is a valid alternative to current user authentication systems. End users perceive all password procedures tested to have equal usefulness, but the perceived ease of use of COPS passwords equals that of an established high-security password, and the new interface does not negatively affect user performance compared with that high-security password. Further research will be conducted to investigate long-term benefits.
Article
Full-text available
Replicating Johnston & Warkentin (2010), we demonstrate that social influence and self-efficacy are the main drivers of compliance with fear appeals. Contrary to the original study, we find that the acknowledgment of a severe threat encourages subjects to seize on the proposed recommendation, bolstering perceptions of efficacy. With this sole exception, the original results are fully replicated in a different research context employing a different population.
Conference Paper
Full-text available
Smartphone users are often unaware of the data collected by apps running on their devices. We report on a study that evaluates the benefits of giving users an app permission manager and sending them nudges intended to raise their awareness of the data collected by their apps. Our study provides both qualitative and quantitative evidence that these approaches are complementary and can each play a significant role in empowering users to more effectively control their privacy. For instance, even after a week with access to the permission manager, participants benefited from nudges showing them how often some of their sensitive data was being accessed by apps, with 95% of participants reassessing their permissions, and 58% of them further restricting some of their permissions. We discuss how participants interacted both with the permission manager and the privacy nudges, analyze the effectiveness of both solutions, and derive some recommendations.
Conference Paper
Full-text available
This paper considers the utility of employing behavioural nudges to change security-related behaviours. We examine the possibility that the effectiveness of nudges may depend on individual user characteristics – which represents a starting point for more personalized behaviour change in security. We asked participants to select from a menu of public wireless networks, using colour and menu order to ‘nudge’ participants towards making more secure choices. The preliminary results from 67 participants suggest that while nudging can be an effective tool to help non-experts to select more secure networks, certain user differences may also play a role. Lower (novice level) IT proficiency and diminished impulse control led to poorer security decisions. At the same time, we were able to demonstrate that our nudge effectively changed the behaviour of participants with poor impulse control. We discuss these implications and pose several questions for future research.
Conference Paper
Full-text available
By allowing individuals to be permanently connected to the Internet, mobile devices ease the way information can be accessed and shared online, but also raise novel privacy challenges for end users. Recent behavioral research on "soft" or "asymmetric" paternalism has begun exploring ways of helping people make better decisions in different aspects of their lives. We apply that research to privacy decision making, investigating how soft paternalistic solutions (also known as nudges) may be used to counter cognitive biases and ameliorate privacy-sensitive behavior. We present the theoretical background of our research, and highlight current industry solutions and research endeavors that could be classified as nudging interventions. We then describe our ongoing work on embedding soft paternalistic mechanisms in location sharing technologies and Twitter privacy agents.
Conference Paper
Full-text available
Smartphone users visit application marketplaces (or app stores) to search and install applications. However, these app stores are not free from privacy-invasive apps, which collect personal information without sufficient disclosure or people’s consent. To nudge people away from privacy-invasive apps, we created a visual representation of the mobile app’s privacy rating. Inspired by “Framing Effects,” we designed semantically equivalent visuals that are framed in either a positive or negative way. We investigated the effect of the visual privacy rating, framing, and user rating on people’s perception of an app (e.g., trustworthiness) through two experiments. In Study 1, participants were able to understand the intended meaning of the visual privacy ratings. In Study 2, we found a strong main effect for visual privacy rating on participants’ perception of an app, and framing effects in a low privacy rating app. We discuss implications for designing visual privacy ratings, including the use of positive visual framing to nudge people away from privacy-invasive apps.
Article
Full-text available
Displaying images of eyes causes people to behave more pro-socially in a variety of contexts. However, it is unclear whether eyes work by making people universally more pro-social, or by making them more likely to conform to local norms. If the latter, images of eyes could sometimes make people less pro-social if pro-social behaviour is not the local norm. To separate these hypotheses we conducted a field experiment in which we explored whether manipulating a local descriptive norm altered the eyes effect. We recorded litter dropping decisions on a university campus in a 2 x 2 design, comparing situations with and without litter already on the ground (a manipulation of the local descriptive norm) and with and without large signs displaying images of watching eyes. We additionally recorded the number of potential human observers in the vicinity at the time of each littering decision. We observed a norm effect: the presence of litter on the ground increased littering, replicating previous findings. We also found that images of watching eyes reduced littering, although contrary to previous findings this was only when there were larger numbers of people around. With regard to our central aim, we found no evidence that litter on the ground interacted non-additively with images of eyes to induce increased littering behaviour. Our data therefore support the hypothesis that images of eyes induce more pro-social behaviour, independent of local norms. This finding has positive implications for the application of eye images in combating anti-social behaviour.
Conference Paper
Full-text available
To help users create stronger text-based passwords, many web sites have deployed password meters that provide visual feedback on password strength. Although these meters are in wide use, their effects on the security and usability of passwords have not been well studied. We present a 2,931-subject study of password creation in the presence of 14 password meters. We found that meters with a variety of visual appearances led users to create longer passwords. However, significant increases in resistance to a password-cracking algorithm were only achieved using meters that scored passwords stringently. These stringent meters also led participants to include more digits, symbols, and uppercase letters. Password meters also affected the act of password creation. Participants who saw stringent meters spent longer creating their password and were more likely to change their password while entering it, yet they were also more likely to find the password meter annoying. However, the most stringent meter and those without visual bars caused participants to place less importance on satisfying the meter. Participants who saw more lenient meters tried to fill the meter and were averse to choosing passwords a meter deemed "bad" or "poor." Our findings can serve as guidelines for administrators seeking to nudge users towards stronger passwords.
Article
Full-text available
The rapid growth and transmission of information in the digital age poses new challenges for individuals coping with the onslaught of communications from multiple sources. This research (a) conceptualizes and measures perceived information overload from cyber-based and place-based sources, (b) tests the reliability and validity of a newly developed Perceived Information Overload Scale, and (c) tests hypotheses concerning the psychological and health outcomes of information overload. A repeated-measures panel study design was used to test the proposed hypotheses. Confirmatory factor analyses provided support for the hypothesized two-factor model of perceived information overload, encompassing cyber-based and place-based sources of stimulation. Hierarchical regression analyses indicated that higher levels of perceived cyber-based overload significantly predicted self-reports of greater stress, poorer health, and less time devoted to contemplative activities, controlling for age, gender, ethnicity, and baseline measures of stress and health status. Participants’ sensation-seeking levels were found to significantly moderate the relationships between cyber-based, place-based, and composite perceived information overload and stress. Directions for further study are discussed.
Article
Full-text available
The decoy effect, a model of consumer behavior, hypothesizes that the introduction of a carefully constructed "decoy" into a choice set will result in a segment of consumers shifting their choice to a higher priced targeted item. The decoy is a high-price, low-value product compared to other items in the choice set. This study tested the decoy effect, using choices of tour packages to Las Vegas, Nevada, and Disney World, Florida. The introduction of decoy packages resulted in some consumers shifting their preferences to higher priced packages. Implications for travel marketers are suggested.
Article
Full-text available
It is often assumed that affective information is represented within a semantic network. This hypothesis is more closely examined here, using a picture-word variant of the Stroop task. The studies are inspired by a recent theory of W.R. Glaser and M.O. Glaser (1989), who proposed a distinction between a semantic system, to which pictures have privileged access, and a lexical system with privileged access for words. If affective information is stored in the semantic system, differences in the affective processing of words and pictures can be expected. In Experiment 1, subjects had to name the affective value of the picture (or the word) of a picture-word stimulus. It was found that affect-incongruent distractors influenced the affective categorisation of words, but not of pictures. Also, the evaluation of pictures was much faster than the evaluation of words. Finally, the results showed that negative targets were categorised more quickly than positive ones, regardless of the type of target. In Experiment 2, subjects had to name the picture or to read the word. Negative pictures were named faster than positive ones, but affect did not influence word reading. All results support the hypothesis that pictures have privileged access to a semantic network containing affective information.
Conference Paper
Full-text available
Virtual keyboards of different smartphone platforms seem quite similar at first glance, but the transformation from a physical to a virtual keyboard on a small-scale display results in user experience variations that cause significant differences in usability as well as shoulder surfing susceptibility, i.e., the risk of a bystander observing what is being typed. In our work, we investigate the impact of both aspects on the security of text-based password entry on mobile devices. In a between subjects study with 80 participants, we analyzed usability and shoulder surfing susceptibility of password entry on different mobile platforms (iOS, Android, Windows Phone, Symbian, MeeGo). Our results show significant differences in the usability of password entry (required password entry time, typing accuracy) and susceptibility to shoulder surfing. Our results provide insights for security-aware design of on-screen keyboards and for password composition strategies tailored to entry on smartphones.
Book
Full-text available
Every day, we make decisions on topics ranging from personal investments to schools for our children to the meals we eat to the causes we champion. Unfortunately, we often choose poorly. The reason, the authors explain, is that, being human, we all are susceptible to various biases that can lead us to blunder. Our mistakes make us poorer and less healthy; we often make bad decisions involving education, personal finance, health care, mortgages and credit cards, the family, and even the planet itself. Thaler and Sunstein invite us to enter an alternative world, one that takes our humanness as a given. They show that by knowing how people think, we can design choice environments that make it easier for people to choose what is best for themselves, their families, and their society. Using colorful examples from the most important aspects of life, Thaler and Sunstein demonstrate how thoughtful "choice architecture" can be established to nudge us in beneficial directions without restricting freedom of choice. Nudge offers a unique new take, from neither the left nor the right, on many hot-button issues, for individuals and governments alike. This is one of the most engaging and provocative books to come along in many years. © 2008 by Richard H. Thaler and Cass R. Sunstein. All rights reserved.
Conference Paper
Full-text available
It is a well known fact that user-chosen passwords are somewhat predictable: by using tools such as dictionaries or probabilistic models, attackers and password recovery tools can drastically reduce the number of attempts needed to guess a password. Quite surprisingly, however, existing literature does not provide a satisfying answer to the following question: given a number of guesses, what is the probability that a state-of-the-art attacker will be able to break a password? To answer the former question, we compare and evaluate the effectiveness of currently known attacks using various datasets of known passwords. We find that a "diminishing returns" principle applies: in the absence of an enforced password strength policy, weak passwords are common; on the other hand, as the attack goes on, the probability that a guess will succeed decreases by orders of magnitude. Even extremely powerful attackers won't be able to guess a substantial percentage of the passwords. The result of this work will help in evaluating the security of authentication means based on user-chosen passwords, and our methodology for estimating password strength can be used as a basis for creating more effective proactive password checkers for users and security auditing tools for administrators.
Article
How are group-based identities related to intergroup conflict? When and how do ethnic, religious, and national identities lead to oppression, violence, rebellion, war, mass murder, and genocide? How do intergroup conflicts change people’s identities? How might social identity be harnessed in the service of reducing conflict between groups? The chapters in this book present a sophisticated and detailed interdisciplinary analysis of the most fundamental issues in understanding identity and conflict.
Article
The common approach to the multiplicity problem calls for controlling the familywise error rate (FWER). This approach, though, has faults, and we point out a few. A different approach to problems of multiple significance testing is presented. It calls for controlling the expected proportion of falsely rejected hypotheses — the false discovery rate. This error rate is equivalent to the FWER when all hypotheses are true but is smaller otherwise. Therefore, in problems where the control of the false discovery rate rather than that of the FWER is desired, there is potential for a gain in power. A simple sequential Bonferroni-type procedure is proved to control the false discovery rate for independent test statistics, and a simulation study shows that the gain in power is substantial. The use of the new procedure and the appropriateness of the criterion are illustrated with examples.
Article
Why are some nudges ineffective, or at least less effective than choice architects hope and expect? Focusing primarily on default rules, this essay emphasizes two reasons for this. The first involves strong antecedent preferences on the part of choosers. The second involves successful “counternudges,” which persuade people to choose in a way that confounds the efforts of choice architects. Nudges might also be ineffective, and less effective than expected, for five other reasons: (1) some nudges produce confusion in the target audience; (2) some nudges have only short-term effects; (3) some nudges produce “reactance” (though this appears to be rare); (4) some nudges are based on an inaccurate (though initially plausible) understanding on the part of choice architects of what kinds of choice architecture will move people in particular contexts; and (5) some nudges produce compensating behavior, resulting in no net effect. When a nudge turns out to be insufficiently effective, choice architects have three potential responses: (1) do nothing; (2) nudge better (or differently); and (3) fortify the effects of the nudge, perhaps through counter-counternudges, or perhaps through incentives, mandates, or bans.
Article
Environmental policies are increasingly informed by behavioral economics insights. ‘Green nudges’ in particular have been suggested as a promising new tool to encourage consumers to act in an environmentally benign way, such as choosing renewable energy sources or saving energy. While there is an emerging literature on the instrumental effectiveness of behavioral policy tools such as these, their ethical assessment has largely been neglected. This paper attempts to fill this gap by, first, providing a structured overview of the most important contributions to the literature on pro-environmental nudges and, second, offering some critical considerations that may help the practitioner come to an ethically informed assessment of nudges.
Article
In the United States, the United Kingdom, Australia, and many other nations, those involved in law and policy have been exploring choice-preserving approaches, or “nudges,” informed by behavioral science and with the purpose of promoting important public policy goals, such as improved health and safety. But there is a large and insufficiently explored difference between System 1 nudges, which target or benefit from automatic processing, and System 2 nudges, which target or benefit from deliberative processing. Graphic warnings and default rules are System 1 nudges; statistical information and factual disclosures are System 2 nudges. On philosophical grounds, it might seem tempting to prefer System 2 nudges, on the assumption that they show greater respect for individual dignity and promote individual agency. A nationally representative survey in the United States finds evidence that in important contexts, majorities do indeed prefer System 2 nudges. At the same time, that preference is not fixed and firm. If people are asked to assume that the System 1 nudge is significantly more effective, then large numbers of them will move in its direction. In a range of contexts, Republicans, Democrats, and independents show surprisingly similar responses. The survey findings, and an accompanying normative analysis, offer lessons for those involved in law and policy who are choosing between System 1 nudges and System 2 nudges.
Conference Paper
Although many users create predictable passwords, the extent to which users realize these passwords are predictable is not well understood. We investigate the relationship between users' perceptions of the strength of specific passwords and their actual strength. In this 165-participant online study, we ask participants to rate the comparative security of carefully juxtaposed pairs of passwords, as well as the security and memorability of both existing passwords and common password-creation strategies. Participants had serious misconceptions about the impact of basing passwords on common phrases and including digits and keyboard patterns in passwords. However, in most other cases, participants' perceptions of what characteristics make a password secure were consistent with the performance of current password-cracking tools. We find large variance in participants' understanding of how passwords may be attacked, potentially explaining why users nonetheless make predictable passwords. We conclude with design directions for helping users make better passwords.
Article
Users of computing systems and devices frequently make decisions related to information security, e.g., when choosing a password, deciding whether to log into an unfamiliar wireless network, etc. Employers or other stakeholders may have a preference for certain outcomes, without being able to or having a desire to enforce a particular decision. In such situations, systems may build in design nudges to influence the decision making, e.g., by highlighting the employer’s preferred solution. In this paper we model influencing in information security to identify which approaches to influencing are most effective and how they can be optimized. To do so, we extend traditional multi-criteria decision analysis models with modifiable criteria, to represent the approaches an influencer has available to influence the choice of the decision maker. We also introduce the notion of influence power, to characterize the extent to which an influencer can influence decision makers. We illustrate our approach using data from a controlled experiment on techniques to influence which public wireless network users select. This allows us to calculate influence power and identify which design nudges exercise the most influence over user decisions.
Conference Paper
Given the numerous constraints of onscreen keyboards, such as smaller keys and lack of tactile feedback, remembering and typing long, complex passwords — an already burdensome task on desktop computing systems — becomes nearly unbearable on small mobile touchscreens. Complex passwords require numerous screen depth changes and are problematic both motorically and cognitively. Here we present baseline data on device- and age-dependent differences in human performance with complex passwords, providing a valuable starting dataset to warn that simply porting password requirements from one platform to another (i.e., desktop to mobile) without considering device constraints may be unwise.
Conference Paper
Users often make passwords that are easy for attackers to guess. Prior studies have documented features that lead to easily guessed passwords, but have not probed why users craft weak passwords. To understand the genesis of common password patterns and uncover average users’ misconceptions about password strength, we conducted a qualitative interview study. In our lab, 49 participants each created passwords for fictitious banking, email, and news website accounts while thinking aloud. We then interviewed them about their general strategies and inspirations. Most participants had a well-defined process for creating passwords. In some cases, participants consciously made weak passwords. In other cases, however, weak passwords resulted from misconceptions, such as the belief that adding “!” to the end of a password instantly makes it secure or that words that are difficult to spell are more secure than easy-to-spell words. Participants commonly anticipated only very targeted attacks, believing that using a birthday or name is secure if those data are not on Facebook. In contrast, some participants made secure passwords using unpredictable phrases or non-standard capitalization. Based on our data, we identify aspects of password creation ripe for improved guidance or automated intervention.
Article
Theory on passwords has lagged practice, where large providers use back-end smarts to survive with imperfect technology. Extensive published research has focused on specific aspects of the problem that can be easily formalized but do not actually have a major influence on real-world design goals. The focus of published research on clean, well-defined problems has caused the neglect of the complications of real-world Web authentication. This misplaced focus continues to hinder the applicability of password research to practice. Failure to recognize the broad range of usability, deployability, and security challenges in Web authentication has produced several mutually incompatible password requirements for users, and extensive attempts by researchers to find a solution have failed, despite different requirements in different applications.
Article
Passwords are ubiquitous in our daily digital lives. They protect various types of assets ranging from a simple account on an online newspaper website to our health information on government websites. However, due to the inherent value they protect, attackers have developed insights into cracking/guessing passwords both offline and online. In many cases, users are forced to choose stronger passwords to comply with password policies; such policies are known to alienate users and do not significantly improve password quality. Another solution is to put in place proactive password-strength meters/checkers to give feedback to users while they create new passwords. Millions of users are now exposed to these meters on highly popular web services that use user-chosen passwords for authentication. More recently, these meters are also being built into popular password managers, which protect several user secrets including passwords. Recent studies have found evidence that some meters actually guide users to choose better passwords - which is a rare bit of good news in password research. However, these meters are mostly based on ad hoc design. At least, as we found, most vendors do not provide any explanation for their design choices, sometimes making them appear as a black box. We analyze password meters deployed in selected popular websites and password managers. We document obfuscated source-available meters, infer the algorithm behind the closed-source ones, and measure the strength labels assigned to common passwords from several password dictionaries. From this empirical analysis with millions of passwords, we shed light on how the server end of some web service meters functions and provide examples of highly inconsistent strength outcomes for the same password in different meters, along with examples of many weak passwords being labeled as strong or even excellent. These weaknesses and inconsistencies may confuse users in choosing a stronger password, and thus may weaken the purpose of these meters. On the other hand, we believe these findings may help improve existing meters and possibly make them an effective tool in the long run.
Article
Applications often use behavior control mechanisms in order to ensure that individuals create sufficiently strong passwords. Behavior controls, which force individuals to utilize specific password characteristics, are assumed to be the best mechanism to encourage strong password creation. However, an over reliance on them could lead to counterproductive security behaviors. This study examines the efficacy of formal controls in the password creation process to determine if their use does indeed result in meaningfully stronger passwords than informal control techniques. Findings demonstrate that controls used during the password creation process do indeed shape password strength, but that behavior controls do not produce significantly stronger passwords than informal controls. Using an Agency Theory perspective, control techniques are considered in their ability to align principal-agent goal and risk perceptions. Findings illustrate the importance of using both informal and formal controls as a means of creating strong and effective passwords.
Article
Purpose – Text-based passwords created by users are typically weak. A common mitigation is to provide meaningful feedback to users regarding the relative strength of their newly created password. However, the effects of these feedback mechanisms on users to create stronger passwords have not been well studied. This study examined four different types of password feedback mechanisms to determine which, if any, are the most effective. The paper aims to discuss these issues. Design/methodology/approach – Undergraduate student volunteers created four different passwords and then entered the passwords into four different online password feedback mechanisms. Participants were then asked whether the feedback persuaded them to change their original password. Findings – In all cases, the feedback mechanisms significantly influenced users with lower password entropy to choose a more secure password. The password feedback mechanism that was most effective was the feedback of the estimated amount of time to break the password. Research limitations/implications – Undergraduate students in an academic environment were the participants, which may limit external validity. Practical implications – The implications are for designers of web sites and other applications that require users to create a text-based password: any feedback mechanism can influence users to create passwords with higher entropy, yet those that indicate the length of time it would take to crack the password are most effective. Originality/value – There are a wide variety of password feedback mechanisms in use. However, their effects on influencing users to create stronger passwords have not been well studied.
Conference Paper
Password meters tell users whether their passwords are "weak" or "strong." We performed a laboratory experiment to examine whether these meters influenced users' password selections when they were forced to change their real passwords, and when they were not told that their passwords were the subject of a study. We observed that the presence of meters yielded significantly stronger passwords. We performed a followup field experiment to test a different scenario: creating a password for an unimportant account. In this scenario, we found that the meters made no observable difference: participants simply reused weak passwords that they used to protect similar low-risk accounts. We conclude that meters result in stronger passwords when users are forced to change existing passwords on "important" accounts and that individual meter design decisions likely have a marginal impact.
Conference Paper
Passwords remain the dominant authentication mechanism for information security. Unfortunately, research has shown that most passwords are highly insecure. Given the risks of using weak passwords, there is a need to effectively motivate users to select strong passwords. In this study we examine the influence of interactivity, as well as static and interactive fear appeals, on motivating users to increase the strength of their passwords. We developed a field experiment involving the account registration process of a website in use in which we observed the strength of passwords chosen by users. Data were collected from 354 users in 65 countries. We found that while the interactive password strength meter and static fear appeal treatments were not effective, the interactive fear appeal treatment resulted in significantly stronger passwords. Our findings suggest that interactive fear appeals are a promising means of encouraging a range of secure behaviors in end users.
Article
We evaluate two decades of proposals to replace text passwords for general-purpose user authentication on the web using a broad set of twenty-five usability, deployability and security benefits that an ideal scheme might provide. The scope of proposals we survey is also extensive, including password management software, federated login protocols, graphical password schemes, cognitive authentication schemes, one-time passwords, hardware tokens, phone-aided schemes and biometrics. Our comprehensive approach leads to key insights about the difficulty of replacing passwords. Not only does no known scheme come close to providing all desired benefits: none even retains the full set of benefits that legacy passwords already provide. In particular, there is a wide range from schemes offering minor security benefits beyond legacy passwords, to those offering significant security benefits in return for being more costly to deploy or more difficult to use. We conclude that many academic proposals have failed to gain traction because researchers rarely consider a sufficiently wide range of real-world constraints. Beyond our analysis of current schemes, our framework provides an evaluation methodology and benchmark for future web authentication proposals.
Article
Fazio, Sanbonmatsu, Powell, and Kardes (1986) argued that affect may be activated automatically from memory on the mere observation of an affect-loaded stimulus. Using a variant of the standard sequential priming paradigm, it was demonstrated that the time needed to evaluate target words as positive or negative decreased if they were preceded by a similarly valenced prime word, but increased when preceded by a prime of opposite valence. Several aspects of their procedure, however, do not warrant their conclusion concerning the unconditionality of the effect. The present research investigated the generality of this affective priming effect. In Experiment 1, it was tested whether the effect can be generalised to more complex visual material. Stimulus pairs consisted of colour slides. Subjects had to evaluate the targets as quickly as possible. In Experiment 2, the standard word-word procedure was used, but target words had to be pronounced. In both experiments, significant affective priming effects were observed, supporting Bargh, Chaiken, Govender, and Pratto's (1992) assertion that the automatic activation effect is a pervasive and relatively unconditional phenomenon. Implications for theories of affect and emotion are discussed.
Article
We report the results of the first large-scale empirical analysis of password implementations deployed on the Internet. Our study included 150 websites which offer free user accounts for a variety of purposes, including the most popular destinations on the web and a random sample of e-commerce, news, and communication websites. Although all sites evaluated relied on user-chosen textual passwords for authentication, we found many subtle but important technical variations in implementation with important security implications. Many poor practices were commonplace, such as a lack of encryption to protect transmitted passwords, storage of cleartext passwords in server databases, and little protection of passwords from brute force attacks. While a spectrum of implementation quality exists with a general correlation between implementation choices within more-secure and less-secure websites, we find a surprising number of inconsistent choices within individual sites, suggesting that the lack of standards is harming security. We observe numerous ways in which the technical failures of lower-security sites can compromise higher-security sites due to the well-established tendency of users to re-use passwords. Our data confirms that the worst security practices are indeed found at sites with few security incentives, such as newspaper websites, while sites storing more sensitive information such as payment details or user communication implement more password security. From an economic viewpoint, password insecurity is a negative externality that the market has been unable to correct, undermining the viability of password-based authentication. We also speculate that some sites deploying passwords do so primarily for psychological reasons, both as a justification for collecting marketing data and as a way to build trusted relationships with customers. This theory suggests that efforts to replace passwords with more secure protocols or federated identity systems may fail because they don’t recreate the entrenched ritual of password authentication.
Chapter
Design activities are central to most applied disciplines. Research in design has a long history in many fields including architecture, engineering, education, psychology, and the fine arts (Cross 2001). The computing and information technology (CIT) field since its advent in the late 1940s has appropriated many of the ideas, concepts, and methods of design science that have originated in these other disciplines. However, information systems (IS) as composed of inherently mutable and adaptable hardware, software, and human interfaces provide many unique and challenging design problems that call for new and creative ideas.