TY - JOUR
T1 - "Protect Me Tomorrow"
T2 - Commitment Nudges to Remedy Compromised Passwords
AU - Peer, Eyal
AU - Frik, Alisa
AU - Gilsenan, Conor
AU - Egelman, Serge
N1 - Publisher Copyright:
© 2024 Copyright held by the owner/author(s).
PY - 2024/11/9
Y1 - 2024/11/9
N2 - Internet users often neglect important security actions (e.g., installing security updates or changing passwords) because they interrupt users' main task at inopportune times. Commitment devices, such as reminders and promises, have been found to be effective at reducing procrastination in other domains. In a series of online experiments (), we explored the effects of reminders and promises on users' willingness to change a compromised password. We find that adding an option to delay the task increases the share of people willing to eventually change their password considerably. Critically, the option to delay yields this overall increase without reducing the share of people choosing to change their password immediately. Additionally, most participants who promised to change their password later, or asked to be reminded to do so, indeed followed through on their commitment, leading to a net positive effect. Reminding participants of their previous commitment further increased this effect.
AB - Internet users often neglect important security actions (e.g., installing security updates or changing passwords) because they interrupt users' main task at inopportune times. Commitment devices, such as reminders and promises, have been found to be effective at reducing procrastination in other domains. In a series of online experiments (), we explored the effects of reminders and promises on users' willingness to change a compromised password. We find that adding an option to delay the task increases the share of people willing to eventually change their password considerably. Critically, the option to delay yields this overall increase without reducing the share of people choosing to change their password immediately. Additionally, most participants who promised to change their password later, or asked to be reminded to do so, indeed followed through on their commitment, leading to a net positive effect. Reminding participants of their previous commitment further increased this effect.
KW - behavioral economics
KW - nudges
KW - passwords
KW - usable security
UR - http://www.scopus.com/inward/record.url?scp=85209128799&partnerID=8YFLogxK
U2 - 10.1145/3689038
DO - 10.1145/3689038
M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???
AN - SCOPUS:85209128799
SN - 1073-0516
VL - 31
JO - ACM Transactions on Computer-Human Interaction
JF - ACM Transactions on Computer-Human Interaction
IS - 5
M1 - 59
ER -