Browse by author
Lookup NU author(s): Professor Thomas GrossORCiD
This is the final published version of a report that has been published in its final definitive form by Newcastle University, 2017.
For re-use rights please refer to the publisher's terms and conditions.
Background. Recent research investigated the impact of cognitive state, including cognitive effort/depletion, on the strength of a chosen passwords [2], however did not rule out that either fear or stress could have affected the result. Aim. We investigate the effect of fear and stress on the measured strength of a chosen password. Method. We conduct two experiments with withinsubject designs measuring the zxcvbn [9] log10 number of guesses as strength of chosen passwords as dependent variable. In both experiments, participants are signed up to a site holding their personal data and, for the second run a day later, asked under a security incident pretext to change their password. (a) Fear. NF = 34 participants are exposed to standardized fear and happiness stimulus videos in random order. The success of this manipulation is checked with PANAS-X [8]. The zxcvbn password strength is compared across groups and the correlation with PANAS-X fear and happiness evaluated. (b) Stress. NS = 50 participants are either exposed to a battery of stress tasks or left in a control condition in random order. The success of the manipulation is checked with the Short Stress State Questionnaire (SSSQ) [3] and the State-Trait Anxiety Inventory STAI) [7]. The zxcvbn is compared across groups and the correlation with SSSQ and STAI stress scores evaluated. Anticipated Results. We anticipate to see strong effects on the manipulation checks, showing that the affect/stress induction was successful. We expect small effects of stress/fear on password strength. While we anticipate that higher fear/stress yields higher password strength, we will check with twotailed tests. Anticipated Conclusions. We anticipate to obtain point and interval estimates on the effect sizes involved, possibly obtaining a null result.
Author(s): Gross T
Publication type: Report
Publication status: Published
Series Title: School of Computing Technical Report Series
Year: 2017
Pages: 10
Print publication date: 01/08/2017
Acceptance date: 01/01/1900
Report Number: 1536
Institution: Newcastle University
Place Published: Newcastle upon Tyne
URL: https://www.ncl.ac.uk/media/wwwnclacuk/schoolofcomputingscience/files/trs/1536.pdf
