Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Deception Task Design in Developer Password Studies: Exploring a Student Sample

 
: Naiakshina, Alena; Danilova, Anastasia; Tiefenau, Christian; Smith, Matthew

:
Volltext (PDF; )

USENIX Association:
Fourteenth Symposium on Usable Privacy and Security, SOUPS 2018. Proceedings : August 12-14, 2018, Baltimore, MD, USA
Berkeley, CA, USA: USENIX, 2018
ISBN: 978-1-931971-45-4
S.297-313
Symposium on Usable Privacy and Security (SOUPS) <14, 2018, Baltimore/Md.>
Englisch
Konferenzbeitrag, Elektronische Publikation
Fraunhofer FKIE ()

Abstract
Studying developer behavior is a hot topic for usable security researchers. While the usable security community has ample experience and best-practice knowledge concerning the design of end-user studies, such knowledge is still lacking for developer studies. We know from end-user studies that task design and framing can have significant effects on the outcome of the study. To offer initial insights into these effects for developer research, we extended our previous password storage study [42]. We did so to examine the effects of deception studies with regard to developers. Our results show that there is a huge effect - only 2 out of the 20 non-primed participants even attempted a secure solution, as compared to the 14 out of 20 for the primed participants. In this paper, we will discuss the duration of the task and contrast qualitative vs. quantitative research methods for future developer studies. In addition to these methodological contributions, we also provide further insights into why developers store passwords insecurely.

: http://publica.fraunhofer.de/dokumente/N-534786.html