Abstract
Information security emphasizes the importance of motivating end users to improve their security behavior towards protecting their private and organizational information assets. Password authentication is widely used as a user authentication method to safeguard information resources from unauthorized access. Despite its prevalence password best practice is not often followed and the use of weak passwords persist. Although password strength feedback mechanisms commonly aim to extrinsically motivate users to improve their password creating behavior, it is not yet clear how other methods, specifically gamification, influences security behavior regarding password creation behavior. The purpose of this study is to examine the effect gamification on user information security behavior, specifically regarding password creation. This study presents results from an online experiment of 232 respondents, who interacted with two different password strength feedback methods, namely a meter feedback method and a gamified feedback method using gamification points. A significant difference between the methods was found when measuring password strength using the number of guesses needed to crack the password, with the points method resulting in stronger passwords. The results of the study reveal that gamified feedback can lead to increased engagement and stronger password creation.
Highlights
A common approach used to protect user’s information assets from unauthorized access, is using user authentication methods [1]
The main objective of this study is to examine the effect of gamified feedback on user information security behavior, regarding password creation
The primary research question to be addressed in this study is: How does gamified feedback affect user information security behavior regarding password creation? This study further aims to investigate an alternative password strength feedback method to existing fear-driven methods, to potentially motivate users more effectively to create strong passwords
Summary
A common approach used to protect user’s information assets from unauthorized access, is using user authentication methods [1]. A popular form of authentication that is used in information security is password verification and it is especially important to motivate users to improve their security behavior regarding password creation [2-4]. This study contributes to information security behavior research by investigating this phenomenon. The main objective of this study is to examine the effect of gamified feedback on user information security behavior, regarding password creation. The primary research question to be addressed in this study is: How does gamified feedback affect user information security behavior regarding password creation? This study further aims to investigate an alternative password strength feedback method to existing fear-driven methods (password meter), to potentially motivate users more effectively to create strong passwords. The research question is evaluated using empirical data, which is collected using an online experiment
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
