“Protect Me Tomorrow”: Commitment Nudges to Remedy Compromised Passwords-Reference-Cited by-同舟云学术

“Protect Me Tomorrow”: Commitment Nudges to Remedy Compromised Passwords

Published:2024-08-16 Issue: Volume: Page:
ISSN:1073-0516
Container-title:ACM Transactions on Computer-Human Interaction
language:en
Short-container-title:ACM Trans. Comput.-Hum. Interact.

Author:

Peer Eyal¹^ORCID,Frik Alisa²^ORCID,Gilsenan Conor³^ORCID,Egelman Serge⁴^ORCID

Affiliation:

1. Hebrew University of Jerusalem, Israel

2. International Computer Science Institute, USA

3. University of California, Berkeley, USA

4. International Computer Science Institute / University of California, Berkeley, USA

Abstract

Internet users often neglect important security actions (e.g., installing security updates or changing passwords) because they interrupt users’ main task at inopportune times. Commitment devices, such as reminders and promises, have been found to be effective at reducing procrastination in other domains. In a series of online experiments (

\(n\,{\gt}\,3,000\)

), we explored the effects of reminders and promises on users’ willingness to change a compromised password. We find that adding an option to delay the task increases the share of people willing to eventually change their password considerably. Critically, the option to delay yields this overall increase without reducing the share of people choosing to change their password immediately. Additionally, most participants who promised to change their password later, or asked to be reminded to do so, indeed followed through on their commitment, leading to a net positive effect. Reminding participants of their previous commitment further increased this effect.

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/3689038

Reference90 articles.

1. Alessandro Acquisti. 2004. Privacy in Electronic Commerce and the Economics of Immediate Gratification. In Proceedings of the ACM Electronic Commerce Conference (EC ’04). ACM Press, New York, NY, 21–29. http://www.heinz.cmu.edu/∼acquisti/papers/privacy-gratification.pdf.

2. Nudges for Privacy and Security

3. Dan Ariely and Klaus Wertenbroch. 2002. Procrastination, deadlines, and performance: Self-control by precommitment. Psychological science 13, 3 (2002), 219–224.

4. Gabriel Bassett C. David Hylender Philippe Langlois Alexandre Pinto and Suzanne Widup. 2021. 2021 Data Breach Investigations Report. https://www.verizon.com/business/resources/reports/2021/2021-data-breach-investigations-report.pdf. Verizon.

5. Can honesty oaths, peer interaction, or monitoring mitigate lying;Beck Tobias;Journal of Business Ethics,2020