Paper Type
Short
Paper Number
PACIS2025-1086
Description
This study adopts a fear-appeal training method focusing on password security. With the consent of the volunteer participants, a live demonstration of brute-forcing passwords will be conducted in a security education training and awareness program. This demonstration illustrates the vulnerabilities of weak passwords and showcases the steps and impact of brute-force attacks. Subsequently, we will observe changes in participants’ intentions and behaviors toward password protection after the training session. In addition to emphasizing the enhancement of security awareness, we also evaluate tangible behavioral changes. To ensure transparency and safety during the research process, a dictionary-based brute-force method will be employed, which will be strictly limited to cracking passwords without recording or accessing accounts. The participants will be informed that the operation is restricted to program execution without entering their accounts. Through this practice, we aim to raise participants’ awareness of password security and encourage more cautious protection of information resources.
Recommended Citation
Huang, Hsieh-Hong and Ku, Cooper Cheng-Yuan, "Effects of Fear Appeals in SETA Programs" (2025). PACIS 2025 Proceedings. 3.
https://aisel.aisnet.org/pacis2025/security/security/3
Effects of Fear Appeals in SETA Programs
This study adopts a fear-appeal training method focusing on password security. With the consent of the volunteer participants, a live demonstration of brute-forcing passwords will be conducted in a security education training and awareness program. This demonstration illustrates the vulnerabilities of weak passwords and showcases the steps and impact of brute-force attacks. Subsequently, we will observe changes in participants’ intentions and behaviors toward password protection after the training session. In addition to emphasizing the enhancement of security awareness, we also evaluate tangible behavioral changes. To ensure transparency and safety during the research process, a dictionary-based brute-force method will be employed, which will be strictly limited to cracking passwords without recording or accessing accounts. The participants will be informed that the operation is restricted to program execution without entering their accounts. Through this practice, we aim to raise participants’ awareness of password security and encourage more cautious protection of information resources.
Comments
Security