New research has found that the vast majority of users are likely to ignore a security alert on their PC – or any kind of pop-up message, for that matter – if they're busy doing something else on the computer that demands their concentration.
The long and short of the study from Brigham Young University – which was conducted using an MRI machine to measure the brain activity of participants – is that we're not very good at multitasking, so if our focus is elsewhere when a security warning pops up, it'll likely be ignored and dismissed.
Indeed, the researchers found that security alerts were ignored in up to 90% of cases. Specific cases were examined and it was found that if the alert appeared when closing a web page, 74% would dismiss it out of hand, whereas if the pop-up presented itself when users were entering a confirmation code, 87% ignored it.
The research paper observed: "Our findings suggest that although alerts are pervasive in personal computing, they should be bounded in their presentation. The timing of interruptions strongly influences the occurrence of DTI [dual-task interference – impacted performance from doing two tasks simultaneously] in the brain, which in turn substantially impacts alert disregard."
So, it's obvious that developers need to seriously consider exactly when they display such security warnings to users in order to ensure they have the greatest chance of being effective.
The paper further notes: "Our results suggest that for those messages that can be safely pre-empted or delayed, waiting until between primary tasks to display a message will result in substantially higher performance on the security task.
"Again, in our experiments using security messages, users' security message disregard was decreased 15% by displaying the security warning between primary tasks."
So there you have it – the secret of great security alerts (as well as great comedy) is all in the timing.
- Check out how Microsoft just made Windows 10 more secure