Using Gamification and Fear Appeal Instead of Password Strength Meters to Increase Password Entropy

It is very common for users to create weak passwords. Currently, the majority of websites deploy password strength meters to provide timely feedback. These meters are in wide use and their effects on the security of passwords have been relatively well studied. In this paper another type of feedback is studied: a gamified approach supported by fear appeal. In this approach, users are encouraged to make passwords stronger through the use of visual and textual stories. This approach is supported by data-driven suggestions about how to improve password security as well as by fear appeal. To prove the effectiveness of this gamified password creation process, an experiment was performed in which users changed their passwords in two ways: without any feed-back, and with gamified feedback with fear appeal. To support the initial findings a questionnaire was completed by participants at the end of research.