Browser unable to execute script; please use the site map to navigate the site.

Gamifying Authentication

Kroeze and Olivier


(Citation)Citation information

C. J. Kroeze and M. S. Olivier. “Gamifying Authentication”. In: Information Security for South Africa (ISSA), 2012. IEEE, Aug. 2012, pp. 1–8


The fields of security and usability often conflict with each other. Security focuses on making systems difficult for attackers to compromise. However, doing this also increases difficulty for the user. Users in security are often seen as an obstacle - they are the weakest point of the system, willing to circumvent security policies in order to access their work faster. A large part of security is authentication: knowing who a user of a system is and denying access to unauthenticated users. Authentication is very often the starting point of user interaction with security systems. Unfortunately, authentication is still most commonly achieved using text-based passwords. This is often the easiest and cheapest system to implement. Most websites and services advise users to select unique, complex and lengthy passwords. These passwords are difficult for users to remember and often lead to irresponsible behaviour such as writing down or reusing passwords. Serious games are games that are designed for a different primary purpose than pure entertainment. This field includes gamification, where non-gaming contexts are enhanced by using principles from gaming. Examples include experience points, achievements, progress indicators and leader boards. Gamification uses these tools to persuade users to change their behaviour. If gamification can be applied to security, it may aid in convincing users to act more securely. This paper discusses the possibilities of applying gamification to authentication as a new approach to usability and security.

(Full text)Full text

A pre- or postprint of the publication is available at

(Authoritative version on publisher's site)Definitive version

The definitive version of the paper is available from the publisher.
DOI: 10.1109/ISSA.2012.6320439

(BibTeX record)BibTeX reference

author={Chistien J Kroeze and Martin S Olivier},
title={Gamifying Authentication},
booktitle={Information Security for South Africa (ISSA), 2012},
conferenceLocation={Johannesburg, Gauteng, South Africa},
dateOfCurrentVersion={04 October 2012},
IssueDate = {15-17 Aug. 2012},