A Serious Game Design: Nudging Users' Memorability of Security Questions

Security questions are one of the techniques used to recover passwords. The main limitation of security questions is that users find strong answers difficult to remember. This leads users to trade-off security for the convenience of an improved memorability. Previous research found that increased fun and enjoyment can lead to an enhanced memorability, which provides a better learning experience. Hence, we empirically investigate whether a serious game has the potential of improving the memorability of strong answers to security questions. For our serious game, we adapted the popular "4 Pics 1 word" mobile game because of its use of pictures and cues, which psychology research found to be important to help with memorability. Our findings indicate that the proposed serious game could potentially improve the memorability of answers to security questions. This potential improvement in memorability, could eventually help reduce the trade-off between usability and security in fall-back authentication.