Connect with us

Hi, what are you looking for?


Computer Users Suffer from Security Fatigue

Constant cyber warnings and security protocols may be negatively impacting users’ behavior. A study by the U.S. National Institute of Standards and Technology argues that as people are increasingly bombarded with security warnings, asked to manage and frequently update multiple passwords, they develop security fatigue.

When fatigue sets in, users become desensitized to security risks and engage in risky computing behavior. Since a leading cause of data breaches is employee negligence, this poses a tremendous liability to businesses. It also exposes users to risk in their personal lives.

Too Many Decisions

You’ve likely heard of decision fatigue. As people make more decisions during the day, the quality of their decision making deteriorates. For example, research has shown that the quality of judges’ rulings erodes as the day goes by. The more decisions we make through the day, the more difficult decisions become.

When we’re asked to make more decisions than we can process, our brains look for shortcuts. We tend to act impulsively, fall back on habits, or we just avoid decision making altogether. This is why President Obama only wore gray and blue suits while in office and why Mark Zuckerberg wears versions of the same T-shirt. They understand that economizing their decisions enables them to make better decisions when it matters.

Like decision fatigue, the authors argue that users reach a threshold where it becomes too difficult or burdensome to maintain proper security protocols. When this happens, they engage in less secure online behavior or fail to act. While cyber security experts view this behavior as irrational, the study’s authors argue that when viewed through the lens of security fatigue, the users’ behavior makes sense, reflecting an astute cost-benefit analysis.

Weariness, Denial, and Resignation

The researchers didn’t set out to study fatigue. But in the process of conducting a larger qualitative study, they couldn’t help but notice the participants’ indicators of fatigue. “We were completely surprised by our findings. What we found is an underlying theme of fatigue and weariness, which came with dread and resignation,” said computer scientist, Mary Frances Theofanos.

The authors noted that security fatigue led the participants to develop certain biases. They minimized the likelihood of being targeted in a security attack, maintaining they weren’t important enough for anyone to want their data. They expressed that guarding data isn’t their responsibility, leaving it up to others with more experience.

The participants also conveyed a sense of not having control, arguing that their actions don’t make a difference. “If I took all the security measures possible, and I made my password d3121, unlike scissors90, is it going to make all that difference? I don’t have to be vigilant all the time. If it is going to happen, it is going to happen.”

Easing Security Fatigue

The study offered three ways to lessen security fatigue to help users maintain secure online habits. These are:

·         Limit the number of security decisions user are required to make

·         Make it easier for users to take correct security actions and more difficult to take incorrect action

·         Design security protocols for consistent decision making

The researchers urged security designers to be conscious of the areas of their designs that cause security fatigue. Designing with security fatigue in mind will reduce the likelihood users become resigned, complacent, or develop a sense of loss of control over their online security.

Written By

Michelle Spitzer is a freelance writer. She writes about healthcare IT, business analytics, business trends, personal finance, and consumer credit. Michelle has a Bachelor’s degree in Social Sciences and a professional certificate in Technical Writing.



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You May Also Like


Whenever technology news appears, they change things. It revolutionizes all industries, so it clearly affects the jobs within them. The Accenture Technology Vision 2019...


The future of humanity seems dark and depressing, given the large-scale climatic destruction and the ongoing slaughter of nature to make space for concrete....


Take a look at the industry statistics and they paint a rosy picture for the casino sector. Revenue is higher than it has ever...

Small Business

Around 67% of businesses now offering a flexible working arrangement, allowing their staff to work remotely, set their own working hours, and compress their...