Almuhimedi, H., Schaub, F., Sadeh, N., Adjerid, I., Acquisti, A., Gluck, J., Cranor, L. F. and Agarwal, Y. (2015), ‘Your Location Has Been Shared 5,398 Times! A Field Study on Mobile App Privacy Nudging’, In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, CHI ’15, 787–796, New York, NY, USA. ACM.
Balebako, R., Leon, P. G., Almuhimedi, H., Kelley, P. G., Mugan, J., Acquisti, A., Cranor, L. F. and Sadeh, N. (2011), ‘Nudging users towards privacy on mobile devices’, In Proc. CHI 2011 Workshop on Persuasion, Nudge, Influence and Coercion, 193–201, Vancouver, BC, Canada. ACM.
Bateson, M., Callow, L., Holmes, J. R., Roche, M. L. R. and Nettle, D. (2013), ‘Do images of ‘watching eyes’ induce behaviour that is more pro-social or more normative? A field experiment on littering’, Public Library of Science, 8(12): 1–9.
Benjamini, Y. and Hochberg, Y. (1995), ‘Controlling the false discovery rate: a practical and powerful approach to multiple testing’, Journal of the royal statistical society. Series B (Methodological), 289–300.
Bonneau, J., Herley, C., Van Oorschot, P. C. and Stajano, F. (2012), ‘The quest to replace passwords: A framework for comparative evaluation of web authentication schemes’, In IEEE Symposium on Security and Privacy (SP), 2012, 553–567. IEEE.
Bonneau, J., Herley, C., Van Oorschot, P. C. and Stajano, F. (2015), ‘Passwords and the Evolution of Imperfect Authentication’, Communications of the ACM, 58(7): 78–87.
Bonneau, J. and Preibusch, S. (2010), ‘The Password Thicket: Technical and Market Failures in Human Authentication on the Web’, In The Workshop on the Economics of Information Security, Harvard University, USA.
Brehm, S. S. and Brehm, J. W. (1981), A theory of psychological reactance. A Theory of Freedom and Control, New York: Academic Press.
Brewer, M. B. (2001), ‘Ingroup identification and intergroup conflict’, in Ashmore, R., Jussim, L. and Wilder, D. (eds.), Social identity, intergroup conflict, and conflict reduction, 17–41. New York: Oxford University Press.
Castano, E., Yzerbyt, V., Paladino, M.-P. and Sacchi, S. (2002), ‘I belong, therefore, I exist: Ingroup identification, ingroup entitativity, and ingroup bias’, Personality and Social Psychology Bulletin, 28(2): 135–143.
Choe, E. K., Jung, J., Lee, B. and Fisher, K. (2013), ‘Nudging people away from privacy-invasive mobile apps through visual framing. In IFIP Conference on Human-Computer Interaction, 74–91, Cape Town, South Africa. Springer.
Cialdini, R. B. and Trost, M. R. (1998), ‘Social influence: Social norms, conformity and compliance’, In Gilbert, D. T., Fiske, S. T., and Lindzey, G. (eds.), The handbook of social psychology, 4 edn.
New York: McGraw-Hill, 151–192.
Ciampa, M. (2013), ‘A comparison of password feedback mechanisms and their impact on password entropy’, Information Management & Computer Security, 21(5): 344–359.
Crawford, J. (2013), ‘Assessing the Value of Formal Control Mechanisms on Strong Password Selection’, International Journal of Secure Software Engineering. (IJSSE)
de Carné de Carnavalet, X. (2014), A Large-Scale Evaluation of High-Impact Password Strength Meters, Ph.D. thesis, Concordia University.
Dell'Amico, M., Michiardi, P. and Roudier, Y. (2010). ‘Password strength: An empirical analysis’, In INFOCOM, 2010 Proceedings, 1–9, San Diego, CA. IEEE.
Dijksterhuis, A., Bargh, J. A. and Miedema, J. (2000), ‘Of men and mackerels: Attention, subjective experience, and automatic social behavior’, in Bless, H. and Forgas, J. (eds.), The message within: The role of subjective experience in social cognition and behavior, chap. 3, 37–51. New York: Psychology Press.
Egelman, S., Sotirakopoulos, A., Muslukhov, I., Beznosov, K. and Herley, C. (2013), ‘Does my password go up to eleven? The impact of password meters on password selection’, In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 2379–2388, Paris. ACM.
Greene, K. K., Kristen, K., Gallagher, M. A., Stanton, B. C. and Lee, P. Y. (2014), ‘I can't type that! p@$$w0rd entry on mobile devices’, In International Conference on Human Aspects of Information Security, Privacy, and Trust, 160–171, Heraklion, Crete. Springer.
Halpern, D. (2015), Inside the Nudge Unit: How small changes can make a big difference, London: WH Allen.
Hansen, P. G. (2015), ‘The definition of nudge and libertarian paternalism: Does the hand fit the glove?’ European Journal of Risk Regulation, (1) 1–20.
Hermans, D., Houwer, J. D. and Eelen, P., (1994), ‘The affective priming effect: Automatic activation of evaluative information in memory’, Cognition & Emotion, 8(6): 515–533.
Hevner, A. and Chatterjee, S. (2010), ‘Design science research in information systems’, in Design research in information systems (pp. 9–22). US: Springer.
Jeske, D., Coventry, L., Briggs, P. and van Moorsel, A., (2014), ‘Nudging whom how: IT proficiency, impulse control and secure behaviour’, in CHI Workshop on Personalizing Behavior Change Technologies, CHI.
Jevons, W. S. (1879), The theory of political economy, Macmillan and Company.
Josiam, B. M. and Hobson, J. P., (1995), ‘Consumer choice in context: the decoy effect in travel and tourism’, Journal of Travel Research, 34(1): 45–50.
Kahneman, D. (2003), ‘Maps of bounded rationality: Psychology for behavioral economics’, The American economic review, 93(5): 1449–1475.
Kahneman, D. (2011), Thinking, Fast and Slow, Farrar, Straus and Giroux.
Keith, M., Shao, B. and Steinbart, P., (2009), ‘A behavioral analysis of passphrase design and effectiveness’, Journal of the Association for Information Systems, 10(2): 2.
Kelman, M. (1979), ‘Choice and Utility’, Wisconson Law Review, 3: 769–798.
Khern-am-nuai, W., Yang, W. and Li, N., (2016), ‘Using Context-Based Password Strength Meter to Nudge Users' Password Generating Behavior: A Randomized Experiment’, HICSS, Hawai'i.
Kool, W., McGuire, J. T., Rosen, Z. B. and Botvinick, M. M., (2010), ‘Decision making and the avoidance of cognitive demand’, Journal of Experimental Psychology: General, 139(4): 665.
Kritzinger, E. and von Solms, S. H. (2010), ‘Cyber security for home users: A new way of protection through awareness enforcement’, Computers & Security, 29(8): 840–847.
Lench, H. C. and Ditto, P. H. (2008). ‘Automatic optimism: Biased use of base rate information for positive and negative events’, Journal of Experimental Social Psychology, 44(3): 631–639.
Luck, M. and d'Inverno, M. (2002). ‘Constraining autonomy through norms’, In Proceedings of the first international joint conference on Autonomous agents and multiagent systems: part 2, 674–681, Bologna. ACM.
McGrath, E. (1995), ‘Methodology matters: Doing research in the behavioral and social sciences’, in Readings in Human-Computer Interaction: Toward the Year 2000 (2nd ed),
Misra, S. and Stokols, D. (2012), ‘Psychological and health outcomes of perceived information overload’, Environment and behavior, 44(6): 737–759.
Newell, R. G. and Pizer, W. A., (2003), ‘Discounting the distant future: how much do uncertain rates increase valuations?’, Journal of Environmental Economics and Management, 46(1): 52–71.
Oliver, A. (2011), ‘Is nudge an effective public health strategy to tackle obesity? Yes’, BMJ: British Medical Journal (Online)
Orazi, D. C. and Pizzetti, M. (2015), ‘Revisiting fear appeals: A structural re-inquiry of the protection motivation model’, International Journal of Research in Marketing, 32(2): 223–225.
Pijpers, G. (2010), Information overload: A system for better managing everyday data, Hoboken, NJ: John Wiley & Sons.
Rayner, G. and Lang, T. (2011), ‘Is nudge an effective public health strategy to tackle obesity? No’, BMJ: British Medical Journal (Online)
Renaud, K., Zimmermann, V., Maguire, J., and Draper, S. (2017), ‘Lessons Learned from Evaluating Eight Password Nudges in the Wild’, LASER Workshop, Arlington, 18–19 October.
Rosenthal, R. and Jacobson, L. (1968), Pygmalion in the classroom: Teacher expectation and pupils' intellectual development, Holt, Rinehart & Winston.
Schaub, F., Deyhle, R. and Weber, M. (2012), ‘Password entry usability and shoulder surfing susceptibility on different smartphone platforms’, In Proceedings of the 11th International Conference on Mobile and Ubiquitous Multimedia (MUM '12). ACM, New York, NY, USA, Article 13, 10 pages.
Schubert, C. (2017), ‘Green nudges: Do they work? Are they ethical?’, Ecological Economics, 132: 329–342.
Seitz, T., von Zezschwitz, E., Meitner, S. and Hussmann, H. (2016), ‘Influencing Self-Selected Passwords Through Suggestions and the Decoy Effect’, In Proceedings of the 1st European Workshop on Usable Security. Internet Society, Darmstadt.
Selinger, E. and Whyte, K. P. (2012), ‘What counts as a nudge?’, The American Journal of Bioethics, 12(2): 11–12.
Solove, D. J. and Hartzog, W. (2015), ‘Should the FTC kill the password?’, The case for better authentication. Bloomberg BNA Privacy & Security Law Report, 1353.
Sotirakopoulos, A. (2011), Influencing user password choice through peer pressure, Ph.D. thesis, The University Of British Columbia (Vancouver).
Sunstein, C. R. (2016), ‘People prefer system 2 nudges (kind of)’, Duke Law Journal, 66: 121.
Sunstein, C. R. (2017), ‘Nudges that fail’, Behavioural Public Policy, 1(1): 4–25.
Tam, L., Glassman, M. and Vandenwauver, M. (2010), ‘The psychology of password management: a tradeoff between security and convenience’, Behaviour & Information Technology, 29(3): 233–244.
Tari, F., Ozok, A. and Holden, S. H., 2006, July. ‘A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords’, In Proceedings of the second symposium on Usable privacy and security (pp. 56–66). ACM.
Thaler, R. H. and Sunstein, C. R. (2008), Nudge: Improving decisions about health, wealth, and happiness, Yale University Press.
Turland, J. K. (2016), Aiding information security decisions with human factors using quantitative and qualitative techniques, Ph.D. thesis, Psychology.
Ur, B., Kelley, P. G., Komanduri, S., Lee, J., Maass, M., Mazurek, M. L., Passaro, T., Shay, R., Vidas, T., Bauer, L. and Christin, N. (2012), ‘August. How does your password measure up? The effect of strength meters on password creation’, In USENIX Security Symposium (pp. 65–80).
Ur, B., Bees, J., Segreti, S. M., Bauer, L., Christin, N. and Cranor, L. F. (2016), Do Users' Perceptions of Password Security Match Reality?’ In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (pp. 3748–3760). ACM.
Ur, B., Noma, F., Bees, J., Segreti, S. M., Shay, R., Bauer, L., Christin, N. and Cranor, L. F. (2015), ‘“I added ‘!’at the end to make it secure”: Observing password creation in the lab’, In Proc. SOUPS.
Vance, A., Eargle, D., Ouimet, K. and Straub, D. (2013), ‘Enhancing password security through interactive fear appeals: A web-based field experiment’, In System Sciences (HICSS), 2013 46th Hawaii International Conference on (pp. 2988–2997). IEEE.
von Zezschwitz, E., Eiband, M., Buschek, D., Oberhuber, S., De Luca, A., Alt, F. and Hussmann, H. (2016), ‘December. On quantifying the effective password space of grid-based unlock gestures’, In Proceedings of the 15th International Conference on Mobile and Ubiquitous Multimedia (pp. 201–212). ACM.
Walters, G. R., International Business Machines Corporation (2007), Variable expiration of passwords. U.S. Patent 7,200,754.
Warkentin, M., Davis, K. and Bekkering, E. (2004), ‘Introducing the check-off password system (COPS): an advancement in user authentication methods and information security’, Journal of Organizational and End User Computing (JOEUC)
, 16(3): 41–58.
Wash, R., Rader, E., Berman, R. and Wellmer, Z. (2016), ‘Understanding password choices: How frequently entered passwords are re-used across websites’, In Symposium on Usable Privacy and Security (SOUPS).
Wheeler, D. L. (2016), ‘zxcvbn: Low-Budget Password Strength Estimation’, In USENIX Conference, Vancouver. USENIX.
Yevseyeva, I., Morisset, C. and van Moorsel, A. (2016), ‘Modeling and analysis of influence power for information security decisions’, Performance Evaluation, 98: 36–51.
Zipf, G. K. (2016), Human behavior and the principle of least effort: An introduction to human ecology, Ravenio Books.