Internet security tasks, such as updating passwords, often come at inconvenient times, leading many users to ignore them. Researchers from the Hebrew University of Jerusalem and U.C. Berkeley have developed a new, straightforward approach that could significantly enhance cybersecurity behaviors.
A recent study led by Prof. Eyal Pe’er from the Hebrew University’s Federmann School of Public Policy, published in ACM Transactions on Computer-Human Interaction, reveals that allowing users to delay essential security tasks with a commitment to complete them later can notably increase the likelihood of task completion.
“Security tasks frequently interrupt users at inconvenient moments, which can lead to procrastination or neglect,” explains Prof. Pe’er. “Our research demonstrates that giving users the option to defer these tasks while committing to finish them later markedly improves the rate at which they complete crucial security updates. This method provides a practical solution to a prevalent issue in online security.”
The study involved a series of online experiments aimed at understanding how “nudges” might influence users’ willingness to change a compromised password. Results showed that participants who promised to update their password at a later time or requested a reminder were significantly more likely to follow through. The likelihood of completion increased further when participants were reminded of their earlier commitment, positively impacting overall cybersecurity behavior.
With over 80% of computer breaches linked to stolen, weak, or reused passwords, and more than 24 billion passwords exposed by hackers in 2022 alone, the study’s findings have significant implications. By integrating options for delaying and committing to security tasks, online platforms can enhance user compliance and better safeguard against potential security threats.