Why Do People Adopt, or Reject, Smartphone Password Managers?

People use weak passwords for a variety of reasons, the most prescient of these being memory load and inconvenience. The motivation to choose weak passwords is even more compelling on Smartphones because entering complex passwords is particularly time consuming and arduous on small devices. Many of the memory- and inconvenience-related issues can be ameliorated by using a password manager app. Such an app can generate, remember and automatically supply passwords to websites and other apps on the phone. Given this potential, it is unfortunate that these applications have not enjoyed widespread adoption. We carried out a study to find out why this was so, to investigate factors that impeded or encouraged password manager adoption. We found that a number of factors mediated during all three phases of adoption: searching, deciding and trialling. The study’s findings will help us to market these tools more effectively in order to encourage future adoption of password managers

Encouraging password manager adoption by meeting adopter self-determination needs

Password managers are a potential solution to the password conundrum, but adoption is paltry. We investigated the impact of a recommender application that harnessed the tenets of self-determination theory to encourage adoption of password managers. This theory argues that meeting a person's autonomy, relatedness and competence needs will make them more likely to act. To test the power of meeting these needs, we conducted a factorial experiment, in the wild. We satisfied each of the three self determination factors, and all individual combinations thereof, and observed short-term adoption of password managers. The Android recommender application was used by 470 participants, who were randomly assigned to one of the experimental or control conditions. Our analysis revealed that when all self-determination factors were satisfied, adoption was highest, while meeting only the autonomy or relatedness needs individually significantly improved the likelihood of adoption

Encouraging Password Manager Adoption by Meeting Adopter Self-Determination Needs

Password managers are a potential solution to the password conundrum, but adoption is paltry. We investigated the impact of a recommender application that harnessed the tenets of self-determination theory to encourage adoption of password managers. This theory argues that meeting a person\u27s autonomy, relatedness and competence needs will make them more likely to act. To test the power of meeting these needs, we conducted a factorial experiment, in the wild. We satisfied each of the three self determination factors, and all individual combinations thereof, and observed short-term adoption of password managers. The Android recommender application was used by 470 participants, who were randomly assigned to one of the experimental or control conditions. Our analysis revealed that when all self-determination factors were satisfied, adoption was highest, while meeting only the autonomy or relatedness needs individually significantly improved the likelihood of adoption

MIGRANT : modeling smartphone password manager adoption using migration theory

Password manager applications have the potential to alleviate password pain and improve password strength, yet they are not widely adopted. Password managers are dissimilar to other kinds of software tools, given that the leakage of the credentials they store could give a hacker access to all the individual's online accounts. Moreover, adoption requires a deliberate switch away from an existing (manual) password management routine. As such, traditional technology adoption models are unlikely to model password manager adoption accurately. In this paper, we propose and explain how we validated a theoretical model of smartphone password manager adoption. We commenced by carrying out exploratory interviews with 30 smartphone owners to identify factors that influence adoption. These were used to develop a model that reflects the password manager adoption process, building on migration theory. The proposed model, MIGRANT (MIGRation pAssword maNager adopTion), was validated and subsequently refined in a week-long study with 198 smartphone owners, combining self-report and observation to measure constructs. This study contributes to the information security behavioral literature by isolating the main factors that encourage or deter password manager adoption, and those that moor smartphone owners in their current practices, hindering switching. With this investigation, we introduce migration theory as a reference theory for future studies in the information security behavioral field

Adopting password manager applications among smartphone users

People use weak passwords for a variety of reasons, the most prescient of these being memory load and inconvenience. The motivation to choose weak passwords is even more compelling on smartphones because entering complex passwords is particularly time consuming and arduous on small devices. Password managers are a potential solution to the password conundrum, but it is unfortunate that these applications have not enjoyed widespread adoption. This thesis investigated the adoption of password manager applications and filled an important gap in the human-centric and information security literature. It concentrated on end users’ perceptions, the factors that influence the adoption decisions of password managers and how to encourage them to adopt these tools. The thesis begins with an exploratory study to investigate the current state of password manager adoption and to understand the reasons that impede or encourage the adoption of password managers. Qualitative data was collected and the data was analysed using Grounded Theory. This study found that the adoption process of password managers goes through six stages. Accordingly, recommendations were suggested to improve the adoption of password manager applications. The factors that influence the intention to adopt a password manager were next identified and empirically validated using migration theory as a theoretical foundation. These factors were identified based on interviews with smartphone users, resulting in a proposed migration model. The proposed model was then tested quantitatively with smartphone users. Structural Equation Model (SEM) analysis found that users’ dissatisfaction with their password-coping behaviours, and their perception of the usefulness and the effectiveness of password managers positively influenced their intention to adopt a password manager. On the other hand, users’ perceived risk of using password managers, and the cost of setting up these tools, deterred the intention to adopt. Also, the result confirmed the positive influence of social influence (Descriptive norms) on adoption intention. Finally, the thesis presents an investigation into the impact of a recommender application that harnessed the tenets of self-determination theory to encourage the adoption of password managers. This theory argues that meeting a person’s autonomy, relatedness and competence needs will make them more likely to act. To test the power of meeting these needs, a factorial experiment was conducted, in the wild. Each of the three self-determination factors and all individual combinations thereof were satisfied, and the short-term adoption of password managers was observed (i.e. the installation of a password manager). When all the self-determination factors were satisfied, adoption was highest, while meeting only the autonomy or relatedness needs individually significantly improved the likelihood of adoption