Author(s): Tobias Seitz, Emanuel von Zezschwitz, Stefanie Meitner, Heinrich Hussmann

Download: Paper (PDF)

Date: 12 Aug 2016

Document Type: Presentations

Associated Event: NDSS Symposium 2016

Abstract:

We present results from an online experiment with the goal of nudging users towards stronger passwords. We explored the effect of suggesting different variations and constellations of passwords during password selection. In particular, we investigated whether the decoy effect can be applied here: When people face a choice between two options, adding a third, unfavorable option can influence their decision making process. As a usage scenario, we constructed a choice architecture for password generators that followed this decoy pattern and compared their effect regarding usability and security. While a previous study indicated positive results, we received mixed results regarding the feasibility of the decoy effect. Based on our study, we can however propose concepts to improve persuasive approaches to nudge users towards stronger password strategies