3613904.3642823.pdf (2.52 MB)

Understanding Users’ Interaction with Login Notifications

Download (2.52 MB)
conference contribution
posted on 2024-05-22, 07:01 authored by Philipp Markert, Leona Lassak, Maximilian GollaMaximilian Golla, Markus Dürmuth
Login notifications are intended to inform users about recent sign-ins and help them protect their accounts from unauthorized access. The notifications are usually sent if a login occurs from a new location or device, which could indicate malicious activity. They mostly contain information such as the location, date, time, and device used to sign in. Users are challenged to verify whether they recognize the login (because it has been them or someone they know) or to proactively protect their account from unwanted access by changing their password. In two user studies, we explore users' comprehension, reactions, and expectations of login notifications. We utilize two treatments to measure users' behavior in response to login notifications sent for a login they initiated themselves or based on a malicious actor relying on statistical sign-in information. Users feel relatively confident identifying legitimate logins but demonstrate various risky and insecure behaviors when it comes to malicious sign-ins. We discuss the identified problems and give recommendations for service providers to ensure usable and secure logins for everyone.


Primary Research Area

  • Empirical and Behavioral Security

Name of Conference

International Conference on Human Factors in Computing Systems (CHI)


ACM Conference on Human Factors in Computing Systems

Page Range




Open Access Type

  • Not Open Access


@conference{Markert:Lassak:Golla:Dürmuth:2024, title = "Understanding Users’ Interaction with Login Notifications", author = "Markert, Philipp" AND "Lassak, Leona" AND "Golla, Maximilian" AND "Dürmuth, Markus", year = 2024, month = 5, journal = "ACM Conference on Human Factors in Computing Systems", pages = "1--17", publisher = "ACM", doi = "10.1145/3613904.3642823" }