Influencing Self-selected Passwords Through Suggestions and the Decoy Effect - Presentation

Slides for a talk at the EuroUSEC workshop in Darmstadt during the Security and Privacy Week.


  1. INFLUENCING SELF-SELECTED PASSWORDS THROUGH SUGGESTIONS AND THE DECOY EFFECT
     Tobias Seitz, Emanuel von Zezschwitz, Stefanie Meitner, Heinrich Hussmann
     Media Informatics Group, LMU Munich
  2. TOBIAS.SEITZ@IFI.LMU.DE - INFLUENCING SELF-SELECTED PASSWORDS THROUGH SUGGESTIONS AND THE DECOY EFFECT
     http://www.theregister.co.uk/2016/06/06/facebook_zuckerberg_social_media_accnt_pwnage/
  3. IMPROVING ‘DADADA’: GENERATED PASSWORDS
     Security: Random system-generated passwords would help to secure an account
     Usability: Password manager necessary for passwords like XN69Nt3uSDJxhJMd
     → How can we make generated passwords more usable?
     - Rhymes? (Ghazvininejad & Knight 2015)
     - Pronounceable syllables? (Gasser 1975)
     - Real words? (Shay et al. 2012)
  4. IMPROVING GENERATED PASSWORDS: PHRASES
     CorrectHorseBatteryStaple
     Security: Word-based passphrases perform well against cracking attacks
     Usability:
     - Easy to type, but more prone to typos than shorter passwords
     - Memorability similar to more complex passwords
     → How can we make generated passphrases more attractive?
  5. IMPROVING PHRASES: SHOW ALTERNATIVES
     Challenges of suggesting passphrases:
     - Unattractive word constellation, e.g. Girth-Infix-Thine-Propyl
     - Users mistrust password suggestions, especially if they “look insecure”
     → How can we highlight the benefits and convince users of passphrase security?
     → Use password meters and the decoy effect
     Examples shown: astley123, Tr0ub4dor&3, CorrectHorseBatteryStaple
  6. THEORETICAL BACKGROUND & CONCEPT DEVELOPMENT
  7. PERSUASION & NUDGING
     Password meters and feedback: Shay et al., CHI 2015
     Suggestion and guidance: Yahoo, Dropbox, eBay, tumblr
  8. THE DECOY EFFECT - EXAMPLE
     Prices shown: 328€, 799€
  9. THE DECOY EFFECT - EXAMPLE
     Prices shown: 1799€, 328€, 799€
  10. THE DECOY EFFECT - EXAMPLE
     Prices shown: 1799€, 328€, 799€
     - Competitor: low quality, low price
     - Target: high quality, higher price
     - Decoy: high quality, highest price
  11. THE DECOY EFFECT - EXAMPLE
     (same content as slide 10)
  12. RESEARCH QUESTIONS
     RQ1: Can we make suggested passwords more attractive with the decoy effect?
     RQ2: Do password suggestions influence self-selected passwords?
     RQ3: How is password memorability affected by suggesting random passwords?
  13. CONCEPT
     Choice architecture revolves around suggesting alternatives
     - Competitor: self-selected password
     - Target: passphrase, highest strength
     - Decoy: mangled dictionary word, high strength
     Examples shown: CorrectHorseBatteryStaple, Tr0ub4Dor&8
  14. STRENGTH VS EFFORT
     [Chart: Strength vs. Effort, scale 1 to 5; labels: Competitor, Target, Decoy; examples shown: CorrectHorseBatteryStaple, Tr0ub4Dor&8]
  15. USER STUDY
  16. STUDY DESIGN
     Between groups with four conditions:
     - Control: no suggestions
     - Words: passphrase of 4 dictionary words
     - Mangled: mangled dictionary word + special character + digits
     - Decoy: both the passphrase and the mangled password
     Two study sessions:
     - Session 1: Password selection, qualitative feedback
     - Session 2: Memorability, qualitative feedback
     Conducted online with the crowdsourcing tool Prolific.ac
  17. USER-INTERFACES: CONTROL GROUP
     No suggestion
  18. USER-INTERFACES: WORDS
     Suggestion: Passphrase = Target item only
  19. USER-INTERFACES: MANGLED
     Suggestion: Mangled password = Decoy item only
  20. USER-INTERFACES: DECOY
     Two suggestions: Mangled password, Passphrase
  21. SAMPLE & DEMOGRAPHY
     - N = 83 valid responses from both sessions (35 female participants)
     - Recruiting only in USA (58%) and UK (42%)
     - Average age 30 years (SD=10, [18;61])
     - 78% employed, 12% students, 10% unemployed
     - Group distribution: Control 18, Words 24, Mangled 21, Decoy 20
  22. MEASUREMENTS
     Passwords were not collected in plain text
     Strength estimation: zxcvbn algorithm (D. Wheeler, USENIX Security ‘16)
     - estimated guesses for sophisticated attackers
     - strength score (0 - 4)
     - length
     - uppercase, lowercase, digits, special characters
     Qualitative feedback and self-assessment
  23. RESULTS
  24. SUGGESTION ATTRACTIVENESS
     9 respondents (14%) accepted a suggestion (4 in Words, 2 in Mangled, 3 in Decoy)
     Main reason for declining: Lack of personalization
     Memorability results:
     - generally low performance for all participants (40% overall success rate)
     - 1 of the 9 respondents who accepted was able to recall the mangled password
  25. INFLUENCE ON PASSWORD GUESSABILITY
     [Plot: pairwise group comparisons (Mangled−Control, Words−Control, Words−Mangled, Decoy−Control, Decoy−Mangled, Decoy−Words); axis from −5 to 5; legend: p<0.05, Non-Sig]
  26. INFLUENCE ON PASSWORD GUESSABILITY
     (same plot labels as slide 25)
  27. POLICY CLASSIFICATION
     [Chart: Basic vs. Complex, 0% to 100%, for Control, Mangled, Words, Decoy]
  28. POLICY CLASSIFICATION
     (same chart labels as slide 27)
  29. DISCUSSION
  30. SUGGESTION REJECTED, YET INFLUENCED
     Participants were influenced by suggestions:
     - The passphrase nudged participants to elongate their own password.
     - The mangled password nudged them to fulfill complex policies.
     The decoy effect did not make suggestions more attractive.
     Implications:
     - Display one suggestion during password creation instead of two.
     - Use context to decide which suggestion to display.
  31. BASELINE STRENGTHS WERE VERY HIGH
     72% created a “strong” password.
     Passwords in all conditions were estimated stronger than those found in leaked data.
     Implications:
     - Only display suggestions when necessary.
     - Evaluate our nudging approach in the wild to validate the effect.
  32. OUTLOOK
  33. TAKE HOME MESSAGES
     - The presence of a suggestion can have an influence on self-selected passwords.
     - Suggest one password and provide feed-forward to the user. (“Here’s a strong password for you: ...”)
     - The decoy effect does not translate to passwords directly.
     - Other disciplines can inspire concepts and produce unanticipated results.
  34. THANKS!
     Tobias Seitz, Emanuel von Zezschwitz, Stefanie Meitner, and Heinrich Hussmann
     tobias.seitz@ifi.lmu.de - @TbsStz
  35. REFERENCES
     1. Morrie Gasser. 1975. A Random Word Generator for Pronounceable Passwords. Bedford, Massachusetts. Retrieved from http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA017676
     2. Marjan Ghazvininejad and Kevin Knight. 2015. How to Memorize a Random 60-Bit String.
     3. Richard Shay, Patrick Gage Kelley, Saranga Komanduri, et al. 2012. Correct Horse Battery Staple. Proceedings of the Eighth Symposium on Usable Privacy and Security (SOUPS ’12), ACM, 1–20. http://doi.org/10.1145/2335356.2335366
     4. Daniel Lowe Wheeler. zxcvbn: Low-Budget Password Strength Estimation. To appear in: Proceedings of the 25th USENIX Security Symposium (USENIX Security 16), USENIX Association, 17 pages.
  36. REFERENCES
     5. Seitz, T., von Zezschwitz, E., Meitner, S., & Hussmann, H. (2016). Influencing Self-selected Passwords Through Suggestions and the Decoy Effect. In Proceedings of the EuroUSEC Workshop, Internet Society, Darmstadt. 8 pages.
     6. Shay, R., Komanduri, S., Durity, A. L., Huh, P. S., Mazurek, M. L., Segreti, S. M., … Cranor, L. F. (2014). Can Long Passwords Be Secure and Usable? In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI ’14). http://doi.org/http://dx.doi.org/10.1145/2556288.2557377
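
The two suggestion types from the study design (slide 16) and the composition features listed under measurements (slide 22), as an added Python sketch that is not the authors' study code. The word list, the special-character set and the leet substitutions are constructed assumptions, and the bit counts are generator entropy for a uniformly random choice, not zxcvbn guess estimates.

```python
import math
import secrets

# Constructed sample list (assumption); a deployment would load a large list,
# for example a 7776-word Diceware-style list.
WORDS = ["correct", "horse", "battery", "staple",
         "girth", "infix", "thine", "propyl"]
SPECIALS = "!@#$%&*?"                            # assumed special-character set
LEET = {"a": "4", "e": "3", "i": "1", "o": "0"}  # hypothetical mangling rules


def passphrase(words=WORDS, n=4):
    """'Words' condition: n dictionary words picked uniformly with a CSPRNG."""
    return "".join(secrets.choice(words).capitalize() for _ in range(n))


def mangled(words=WORDS, specials=SPECIALS, digits=2):
    """'Mangled' condition: mangled dictionary word + special char + digits."""
    word = secrets.choice(words).capitalize()
    word = "".join(LEET.get(c, c) for c in word)
    tail = "".join(secrets.choice("0123456789") for _ in range(digits))
    return word + secrets.choice(specials) + tail


def passphrase_bits(list_size, n=4):
    """Entropy of the passphrase generator when the attacker knows the list."""
    return n * math.log2(list_size)


def mangled_bits(list_size, n_specials=len(SPECIALS), digits=2):
    """Entropy of the mangled generator; fixed substitutions add nothing."""
    return math.log2(list_size) + math.log2(n_specials) + digits * math.log2(10)


def composition(password):
    """Composition features from slide 22, so a study can record these
    numbers and discard the plain-text password."""
    return {
        "length": len(password),
        "uppercase": sum(c.isupper() for c in password),
        "lowercase": sum(c.islower() for c in password),
        "digits": sum(c.isdigit() for c in password),
        "special": sum(not c.isalnum() for c in password),
    }
```

With a 7776-word list the passphrase generator yields about 51.7 bits against about 22.6 bits for the mangled one, which matches the ordering on slide 13 (target: highest strength, decoy: high strength).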