Security questions education: exploring gamified features and functionalities. (9th July 2018)
- Record Type:
- Journal Article
- Title:
- Security questions education: exploring gamified features and functionalities. (9th July 2018)
- Main Title:
- Security questions education: exploring gamified features and functionalities
- Authors:
- Micallef, Nicholas
Arachchilage, Nalin Asanka Gamagedara - Abstract:
- Abstract : Purpose: Security questions are one of the techniques used to recover forgotten passwords. However, security questions have both security and memorability limitations. To limit their security vulnerabilities, stronger answers need to be used. As serious games can motivate users to change their security behaviour, the purpose of this paper is to explore the features and functionalities that users would require in a serious game that educates them to provide stronger answers to security questions. Design/methodology/approach: A lab study was conducted to collect users' feedback on the desired game features and functionalities. In Stage 1, participants selected security questions/answers. In Stage 2, participants played a game and evaluated the usability and the provided features. Findings: The main findings reveal that most participants found the current features and functionalities to be desirable; socially oriented functionalities (e.g. getting help from other players) did not seem desirable because users feared that their acquaintances could gain access to their security questions. Originality/value: This research recommends that designers of serious games for security education should: use intrinsic rewards to motivate users to have a better learning experience; provide easier challenges during the training period and provide harder challenges only when the game determines that the users learned to play the game; and design their games for mobile devices becauseAbstract : Purpose: Security questions are one of the techniques used to recover forgotten passwords. However, security questions have both security and memorability limitations. To limit their security vulnerabilities, stronger answers need to be used. As serious games can motivate users to change their security behaviour, the purpose of this paper is to explore the features and functionalities that users would require in a serious game that educates them to provide stronger answers to security questions. Design/methodology/approach: A lab study was conducted to collect users' feedback on the desired game features and functionalities. In Stage 1, participants selected security questions/answers. In Stage 2, participants played a game and evaluated the usability and the provided features. Findings: The main findings reveal that most participants found the current features and functionalities to be desirable; socially oriented functionalities (e.g. getting help from other players) did not seem desirable because users feared that their acquaintances could gain access to their security questions. Originality/value: This research recommends that designers of serious games for security education should: use intrinsic rewards to motivate users to have a better learning experience; provide easier challenges during the training period and provide harder challenges only when the game determines that the users learned to play the game; and design their games for mobile devices because even users who usually do not play games would play a security education game on a mobile device. … (more)
- Is Part Of:
- Information and computer security. Volume 26:Number 3(2018)
- Journal:
- Information and computer security
- Issue:
- Volume 26:Number 3(2018)
- Issue Display:
- Volume 26, Issue 3 (2018)
- Year:
- 2018
- Volume:
- 26
- Issue:
- 3
- Issue Sort Value:
- 2018-0026-0003-0000
- Page Start:
- 365
- Page End:
- 378
- Publication Date:
- 2018-07-09
- Subjects:
- Usable security -- Serious games -- Cyber security education -- Security questions
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-03-2018-0033 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 7156.xml