TY - GEN
T1 - An experience sampling study of user reactions to browser warnings in the field
AU - Reeder, Robert W.
AU - Felt, Adrienne Porter
AU - Consolvo, Sunny
AU - Malkin, Nathan
AU - Thompson, Christopher
AU - Egelman, Serge
N1 - Publisher Copyright:
© 2018 Copyright held by the owner/author(s).
PY - 2018/4/20
Y1 - 2018/4/20
N2 - Web browser warnings should help protect people from malware, phishing, and network attacks. Adhering to warnings keeps people safer online. Recent improvements in warning design have raised adherence rates, but they could still be higher. And prior work suggests many people still do not understand them. Thus, two challenges remain: increasing both comprehension and adherence rates. To dig deeper into user decision making and comprehension of warnings, we performed an experience sampling study of web browser security warnings, which involved surveying over 6,000 Chrome and Firefox users in situ to gather reasons for adhering or not to real warnings. We find these reasons are many and vary with context. Contrary to older prior work, we do not find a single dominant failure in modern warning design-like habituation-that prevents effective decisions. We conclude that further improvements to warnings will require solving a range of smaller contextual misunderstandings.
AB - Web browser warnings should help protect people from malware, phishing, and network attacks. Adhering to warnings keeps people safer online. Recent improvements in warning design have raised adherence rates, but they could still be higher. And prior work suggests many people still do not understand them. Thus, two challenges remain: increasing both comprehension and adherence rates. To dig deeper into user decision making and comprehension of warnings, we performed an experience sampling study of web browser security warnings, which involved surveying over 6,000 Chrome and Firefox users in situ to gather reasons for adhering or not to real warnings. We find these reasons are many and vary with context. Contrary to older prior work, we do not find a single dominant failure in modern warning design-like habituation-that prevents effective decisions. We conclude that further improvements to warnings will require solving a range of smaller contextual misunderstandings.
KW - Browser security
KW - Usable security
KW - Warnings
KW - Web security
UR - http://www.scopus.com/inward/record.url?scp=85046974560&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85046974560&partnerID=8YFLogxK
U2 - 10.1145/3173574.3174086
DO - 10.1145/3173574.3174086
M3 - Conference contribution
AN - SCOPUS:85046974560
T3 - Conference on Human Factors in Computing Systems - Proceedings
BT - CHI 2018 - Extended Abstracts of the 2018 CHI Conference on Human Factors in Computing Systems
PB - Association for Computing Machinery
T2 - 2018 CHI Conference on Human Factors in Computing Systems, CHI 2018
Y2 - 21 April 2018 through 26 April 2018
ER -