CISPA
Browse
Understanding Users Interaction with Login Notifications.pdf (739 kB)

Understanding Users’ Interaction with Login Notifications

Download (739 kB)
conference contribution
posted on 2024-02-05, 07:46 authored by Philipp Markert, Leona Lassak, Maximilian GollaMaximilian Golla, Markus Dürmuth
Login notifications are intended to inform users about recent sign-ins and help them protect their accounts from unauthorized access. The notifications are usually sent if a login occurs from a new location or device, which could indicate malicious activity. They mostly contain information such as the location, date, time, and device used to sign in. Users are challenged to verify whether they recognize the login (because it has been them or someone they know) or to proactively protect their account from unwanted access by changing their password. In two user studies, we explore users' comprehension, reactions, and expectations of login notifications. We utilize two treatments to measure users' behavior in response to login notifications sent for a login they initiated themselves or based on a malicious actor relying on statistical sign-in information. Users feel relatively confident identifying legitimate logins but demonstrate various risky and insecure behaviors when it comes to malicious sign-ins. We discuss the identified problems and give recommendations for service providers to ensure usable and secure logins for everyone.

History

Primary Research Area

  • Empirical and Behavioral Security

Name of Conference

International Conference on Human Factors in Computing Systems (CHI)

Journal

ACM Conference on Human Factors in Computing Systems

Publisher

ACM

BibTeX

@conference{Markert:Lassak:Golla:Dürmuth:2024, title = "Understanding Users’ Interaction with Login Notifications", author = "Markert, Philipp" AND "Lassak, Leona" AND "Golla, Maximilian" AND "Dürmuth, Markus", year = 2024, month = 5, journal = "ACM Conference on Human Factors in Computing Systems", publisher = "ACM" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC