September 13, 2024 — Internet passwords and security updates often appear at inopportune times and are thus ignored, leading Hebrew University of Jerusalem and U.C. Berkeley researchers to devise a new, simple, and effective approach that could significantly improve cybersecurity behavior.
According to a new study led by Prof. Eyal Pe’er from the Hebrew University Federmann School of Public Policy and published in ACM Transactions on Computer-Human Interaction, allowing internet users the choice to delay important security tasks, with a promise to complete them later increases the likelihood that they will actually do the update.
“Security tasks often interrupt users at inconvenient times, leading to procrastination or outright neglect,” says Prof. Pe’er. “Our research shows that by allowing users to delay these and commit to completing them later, we can significantly increase the rate at which users complete critical security actions. This approach offers a practical behavioral solution to a common problem in online security.”
The series of online experiments focused on understanding how these “nudges” could affect users’ willingness to change a compromised password. The study found that participants who made a promise to change their password later or requested a reminder were much more likely to follow through on their commitment. The effect was further enhanced when participants were reminded of their previous commitment, leading to a net positive impact on cybersecurity behavior.
More than 80% of computer breaches are related to stolen, weak, or reused passwords. In 2022 alone, over 24 billion passwords were exposed by hackers.
The implications of this study are far-reaching, offering an effective strategy to improve cybersecurity compliance among internet users. By incorporating delay options and commitment nudges into security protocols, online platforms and services can better protect their users from potential security threats.
The research paper titled “Protect Me Tomorrow”: Commitment Nudges to Remedy Compromised Passwords” is now available at ACM Journals and can be accessed here.
The study was funded with a grant from the National Science Foundation (NSF) and the US-Israel Binational Science Foundation (BSF).
Researchers:
Eyal Pe’er1, Alisa Frik2, Conor Gilsenan3, Serge Egelman2,3
Institution:
- The Federmann School of Public Policy, Hebrew University of Jerusalem, Jerusalem, Israel
- International Computer Science Institute, Berkeley, USA
- University of California, Berkeley, USA
Related articles
Hebrew University Prof. Haitham Amal Receives Large Grant for Autism Research from the California Institute for Regenerative Medicine
September 18, 2024 — Prof. Haitham Amal, from the Hebrew University of Jerusalem, is one of the world-class researchers who has received part of a sizeable $17M consortium grant for pioneering Autism Spectrum Disorder (ASD) research from the California Institute for Regenerative Medicine (CIRM).
Parents Need to Do Their Own Homework on Helping Kids With Theirs, According to New Hebrew University Study
September 13, 2024 — Parents who have difficulty regulating their emotions, displaying frustration or discouragement, create stressful homework sessions and reduce their K-6 child’s engagement, according to a new study by researchers at the Hebrew University of Jerusalem. The study,
Prenatal Cannabis Use May Have Slight ADHD Risk According to New Hebrew University Study
September 13, 2024 — Prenatal cannabis exposure is not associated with a significantly increased risk for autism spectrum disorder (ASD), psychotic symptoms, anxiety, and depression in the offspring but may result in a mildly increased risk for ADHD and raise the offspring’s vulnerability to
