Influencing Self-Selected Passwords Through Suggestions and the Decoy Effect
Download: Paper (PDF)
Date: 12 Aug 2016
Document Type: Presentations
Associated Event: NDSS Symposium 2016
Abstract:
We present results from an online experiment with the goal of nudging users towards stronger passwords. We explored the effect of suggesting different variations and constellations of passwords during password selection. In particular, we investigated whether the decoy effect can be applied here: When people face a choice between two options, adding a third, unfavorable option can influence their decision making process. As a usage scenario, we constructed a choice architecture for password generators that followed this decoy pattern and compared their effect regarding usability and security. While a previous study indicated positive results, we received mixed results regarding the feasibility of the decoy effect. Based on our study, we can however propose concepts to improve persuasive approaches to nudge users towards stronger password strategies