Abstract
Background and Aims: Children’s increasing access to the internet necessitates an age-appropriate approach to cybersecurity education, but the developmental progression of cybersecurity and related cognitive skills is not well understood. We investigated the cognitive processes underpinning children’s password practice.
Methods: The preregistered study was correlational and involved 147 seven- to 12-year-olds. Cognitive measures included problem solving and working memory from the Wechsler Intelligence Scale for Intelligence (WISC-V), and selective attention from the test of everyday attention for children (TEA-Ch). Children’s password practice was assessed by asking children to authenticate on a computer using a given password and a created password with guidance. Password measures included password strength, authentication success, attempts and latency. Additionally, we measured children’s digital experience, password creation strategies, sharing practices, and perceptions of their own password practice.
Results: Problem solving positively predicted creating stronger passwords (B=0.123, SE (0.54), Wald =5.15, p =.02). Working memory negatively predicted authentication attempts (B=-0.22, SE= 0.09, Wald =5.96, p=.02). Password strength scores were weak across all age groups. Younger children were significantly less likely to create their own passwords than older children. Children reported sharing passwords with friends, other class members and “anyone that asked”.
Conclusion and implications: Password creation and authentication is a cognitively complex task that relies on working memory and problem-solving capabilities. Children did not create strong passwords and require additional support in password practice informed by addressing the cognitive processes that underpin it. Furthermore, children need guidance on password privacy and sharing.
Methods: The preregistered study was correlational and involved 147 seven- to 12-year-olds. Cognitive measures included problem solving and working memory from the Wechsler Intelligence Scale for Intelligence (WISC-V), and selective attention from the test of everyday attention for children (TEA-Ch). Children’s password practice was assessed by asking children to authenticate on a computer using a given password and a created password with guidance. Password measures included password strength, authentication success, attempts and latency. Additionally, we measured children’s digital experience, password creation strategies, sharing practices, and perceptions of their own password practice.
Results: Problem solving positively predicted creating stronger passwords (B=0.123, SE (0.54), Wald =5.15, p =.02). Working memory negatively predicted authentication attempts (B=-0.22, SE= 0.09, Wald =5.96, p=.02). Password strength scores were weak across all age groups. Younger children were significantly less likely to create their own passwords than older children. Children reported sharing passwords with friends, other class members and “anyone that asked”.
Conclusion and implications: Password creation and authentication is a cognitively complex task that relies on working memory and problem-solving capabilities. Children did not create strong passwords and require additional support in password practice informed by addressing the cognitive processes that underpin it. Furthermore, children need guidance on password privacy and sharing.
| Original language | English |
|---|---|
| Publication status | Published - 2 Jul 2024 |
| Event | BPS Cyberpsychology Section Annual Conference 2024 - Liverpool John Moores University, Liverpool, United Kingdom Duration: 1 Jul 2024 → 2 Jul 2024 https://www.bps.org.uk/event/cyberpsychology-section-annual-conference-2024 |
Conference
| Conference | BPS Cyberpsychology Section Annual Conference 2024 |
|---|---|
| Country/Territory | United Kingdom |
| City | Liverpool |
| Period | 1/07/24 → 2/07/24 |
| Internet address |