Skip to main content
SpringerLink
Log in

GAP: A Game for Improving Awareness About Passwords

  • Conference paper
  • First Online:
Serious Games (JCSG 2018)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11243))

Included in the following conference series:

Abstract

Text-based password is the most popular method for authenticating users on the internet. However, despite decades of security research, users continue to choose easy-to-guess passwords to protect their important online accounts. In this paper, we explore the potential of serious games to educate users about various features that negatively impact password security. Specifically, we designed a web-based casual game called GAP and assessed its impact by conducting a comparative user study with 119 participants. The study results show that participants who played GAP demonstrated improved performance in recognizing insecure password features than participants who did not play GAP. Besides having educational value, most of the participants also found GAP fun to play.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Casual Games Association: Casual Games Sector Report. http://cdn2.hubspot.net/hubfs/700740/Newzoo_Games_Industry_Growth_Towards_2017.pdf. Accessed 10 August 2018

  2. National Research Council, et al.: How People Learn: Bridging Research and Practice. National Academies Press, Washington, D.C. (1999)

    Google Scholar 

  3. Bowes, R.: Passwords. https://wiki.skullsecurity.org/Passwords. Accessed 10 August 2018

  4. de Carné de Carnavalet, X., Mannan, M.: From very weak to very strong: analyzing password-strength meters. In: NDSS 2014. Internet Society (2014)

    Google Scholar 

  5. Chesham, A., Wyss, P., Müri, R.M., Mosimann, U.P., Nef, T.: What older people like to play: genre preferences and acceptance of casual games. JMIR Serious Games 5(2), e8 (2017)

    Article  Google Scholar 

  6. Connolly, T.M., Boyle, E.A., MacArthur, E., Hainey, T., Boyle, J.M.: A systematic literature review of empirical evidence on computer games and serious games. Comput. Educ. 59(2), 661–686 (2012)

    Article  Google Scholar 

  7. Das, A., Bonneau, J., Caesar, M., Borisov, N., Wang, X.: The tangled web of password reuse. In: NDSS 2014, pp. 23–26. Internet Society (2014)

    Google Scholar 

  8. Denning, T., Lerner, A., Shostack, A., Kohno, T.: Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education. In: CCS 2013, pp. 915–928 (2013)

    Google Scholar 

  9. Dickey, M.D.: Engaging by design: how engagement strategies in popular computer and video games can inform instructional design. Educ. Technol. Res. Dev. 53(2), 67–83 (2005)

    Article  Google Scholar 

  10. Florencio, D., Herley, C.: A large-scale study of web password habits. In: WWW 2007, pp. 657–666 (2007)

    Google Scholar 

  11. Gerling, K., Fuchslocher, A., Schmidt, R., Krämer, N., Masuch, M.: Designing and evaluating casual health games for children and teenagers with cancer. In: Anacleto, J.C., Fels, S., Graham, N., Kapralos, B., Saif El-Nasr, M., Stanley, K. (eds.) ICEC 2011. LNCS, vol. 6972, pp. 198–209. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24500-8_21

    Chapter  Google Scholar 

  12. Grimes, A., Kantroo, V., Grinter, R.E.: Let’s play! Mobile health games for adults. In: Ubicomp 2010, pp. 241–250. ACM (2010)

    Google Scholar 

  13. Hendrix, M., Al-Sherbaz, A., Victoria, B.: Game based cyber security training: are serious games suitable for cyber security training? IJSG 3(1), 53–61 (2016)

    Article  Google Scholar 

  14. Hunt, T.: Pwned passwords. https://haveibeenpwned.com/Passwords. Accessed 10 August 2018

  15. Kuittinen, J., Kultima, A., Niemelä, J., Paavilainen, J.: Casual games discussion. In: Proceedings of the 2007 Conference on Future Play, pp. 105–112. ACM (2007)

    Google Scholar 

  16. Mazurek, M.L., et al.: Measuring password guessability for an entire university. In: CCS 2013, pp. 173–186. ACM (2013)

    Google Scholar 

  17. Morrison, C.: Casual Gaming Worth \$2.25 Billion, and Growing Fast. https://venturebeat.com/2007/10/29/casual-gaming-worth-225-billion-and-growing-fast/. Accessed 10 August 2018

  18. NPD: The NPD Group: 37 Percent of U.S. Population Age 9 and Older Currently Plays PC Games. https://www.npd.com/wps/portal/npd/us/news/press-releases/37-percent-of-us-population-age-9-and-older-currently-plays-pc-games/. Accessed 10 August 2018

  19. NPS: Cyberciege (2004). http://my.nps.edu/web/cisr/cyberciege. Accessed 10 August 2018

  20. Phaser: Desktop and Mobile HTML5 Game Framework. https://phaser.io. Accessed 10 August 2018

  21. ProofPoint: Wombat Security Technologies. https://www.wombatsecurity.com/. Accessed 10 August 2018

  22. Reimers, S., Stewart, N.: Presentation and response timing accuracy in Adobe Flash and HTML5/JavaScript web experiments. Behav. Res. Methods 47(2), 309–327 (2015)

    Article  Google Scholar 

  23. Rittle-Johnson, B., Koedinger, K.R.: Comparing instructional strategies for integrating conceptual and procedural knowledge (2002)

    Google Scholar 

  24. Schroth, M.L.: The effects of delay of feedback on a delayed concept formation transfer task. Contemp. Educ. Psychol. 17(1), 78–82 (1992)

    Article  MathSciNet  Google Scholar 

  25. Shay, R., et al.: Encountering stronger password requirements: user attitudes and behaviors. In: SOUPS 2010, pp. 2:1–2:20 (2010)

    Google Scholar 

  26. Sheng, S., et al.: Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish. In: SOUPS 2007, pp. 88–99 (2007)

    Google Scholar 

  27. Squire, K.D.: Video game-based learning: an emerging paradigm for instruction. Perform. Improv. Q. 21(2), 7–36 (2008)

    Article  Google Scholar 

  28. Ur, B., et al.: “I added ‘!’ at the end to make it secure”: observing password creation in the lab. In: SOUPS 2015, pp. 123–140. USENIX Association (2015)

    Google Scholar 

  29. Wiemker, M., Elumir, E., Clare, A.: Escape room games. Game Based Learn. (2015)

    Google Scholar 

  30. Wouters, P., Van Nimwegen, C., Van Oostendorp, H., Van Der Spek, E.D.: A meta-analysis of the cognitive and motivational effects of serious games. J. Educ. Psychol. 105(2), 249 (2013)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. TCS Research, Pune, India

    Harshal Tupsamudre, Sankalp Pandit, Sukanya Vaddepalli, Aishwarya Shinde, C. J. Gokul, Vijayanand Banahatti & Sachin Lodha

  2. IIT Bombay, Mumbai, India

    Rahul Wasnik & Shubhankar Biswas

Authors
  1. Harshal Tupsamudre
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rahul Wasnik
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shubhankar Biswas
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sankalp Pandit
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Sukanya Vaddepalli
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Aishwarya Shinde
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. C. J. Gokul
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Vijayanand Banahatti
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Sachin Lodha
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Harshal Tupsamudre .

Editor information

Editors and Affiliations

  1. Technische Universität Darmstadt, Darmstadt, Germany

    Stefan Göbel

  2. Technische Universität Darmstadt, Darmstadt, Germany

    Augusto Garcia-Agundez

  3. Technische Universität Darmstadt, Darmstadt, Germany

    Thomas Tregel

  4. Staffordshire University, Stoke on Trent, UK

    Minhua Ma

  5. University of Bremen, Bremen, Germany

    Jannicke Baalsrud Hauge

  6. SINTEF Technology and Society, Trondheim, Norway

    Manuel Oliveira

  7. Griffith University, Brisbane, QLD, Australia

    Tim Marsh

  8. Technische Universität Darmstadt, Darmstadt, Germany

    Polona Caserman

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Tupsamudre, H. et al. (2018). GAP: A Game for Improving Awareness About Passwords. In: Göbel, S., et al. Serious Games. JCSG 2018. Lecture Notes in Computer Science(), vol 11243. Springer, Cham. https://doi.org/10.1007/978-3-030-02762-9_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-02762-9_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02761-2

  • Online ISBN: 978-3-030-02762-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation