1. The study explored account sharing behaviors in romantic relationships and found that the "1 user - 1 account" security model poses challenges for couples.
2. Participants reported sharing accounts for reasons of convenience, household maintenance, trust, and relationship maintenance. As relationships progressed, sharing of financial accounts increased.
3. The researchers propose alternative security architectures, such as multiple profiles per account or group password managers, to better accommodate the needs and goals of romantic partners in sharing accounts.
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relationships (SOUPS 2018)
1. Cheul Young Park, Cori Faklaris, Siyan Zhao,
Alex Sciuto, Laura Dabbish, and Jason Hong
Aug. 13, 2018
USENIX Symposium on Usable Privacy and Security
(SOUPS 2018), Baltimore, Md., USA
Share & Share Alike?
An Exploration of Secure Behaviors
in Romantic Relationships
Human-Computer Interaction Institute
2. Key takeaways from our study
1. The “1 user - 1 account” model of end-user cybersecurity poses
usability challenges for romantic couples.
● Ex: Who carries the “thing you have” for two-factor authentication of shared accounts?
● Ex: Partner as “insider threat” to personal data in a breakup or domestic dispute.
2
2. When designing account sharing features for romantic couples,
evaluate how they support users’ functional AND emotional goals:
● Household maintenance.
● Trust.
● Convenience.
● Relationship maintenance (the novel finding of our study).
Cori Faklaris - August 2018 - Carnegie Mellon University - Page 2
3. Growing emphasis on ‘social cybersecurity’
● Previous studies have looked at
sharing in such social contexts
as households, companies, and
indigenous communities.
● Our work is among the first to
examine security behaviors in
romantic relationships.
Page 3
Half of U.S. adults in
2016 were married,
with 7% more
cohabitating - Pew
Research Center
4. Related works in usable security research
● Trust & convenience as drivers of sharing
○ Ex: Singh et al. “Password sharing: implications for security design based on social
practice.” (CHI 2007)
● Taxonomy of sharing types
○ Ex: Matthews et al. "She'll just grab any device that's closer: A Study of Everyday
Device & Account Sharing in Households." (CHI 2016)
● Social psychology lens for security behaviors
○ Ex: Das et al. "The effect of social influence on security sensitivity." (SOUPS 2014)
● Intimate partner abuse
○ Ex: Muslukhov et al. "Know your enemy: the risk of unauthorized access in
smartphones by insiders." (International conference on Human-computer interaction
with mobile devices and services. 2013.)
4Cori Faklaris - August 2018 - Carnegie Mellon University - Page 4
5. Research questions for our study
● RQ1: How do individual differences affect
sharing behaviors — age, gender, income,
education, relationship status, and
relationship duration?
● RQ2: Do sharing behaviors differ with types
of accounts and stages of a relationship —
finance vs. entertainment accounts, early
vs. late relationships?
5
$$$
Cori Faklaris - August 2018 - Carnegie Mellon University - Page 5
6. Methodology: Participants recruited on MTurk
● We aimed to recruit workers on
Amazon Mechanical Turk with
○ an approval rating >95% and
○ >1000 tasks approved.
● The study was limited to
○ U.S. residents age 18 or older
○ who had ever experienced a romantic
relationship for longer than one month or
○ had broken up less than one year ago.
6Cori Faklaris - August 2018 - Carnegie Mellon University - Page 6
7. Methodology: Online questionnaire
We deployed a Qualtrics survey between Aug.
30 and Sep. 6, 2017, covering these questions:
1. What accounts do people own and share? —
Original list of accounts drawn from Alexa.com
2. How & why do people share their accounts?
— Ownership, frequency of usage, ease of access,
reasons and methods for sharing (and hiding)
3. Demographics: gender, age, income, education,
sexual orientation, relationship status, etc.
7Cori Faklaris - August 2018 - Carnegie Mellon University - Page 7
8. Methodology: Online questionnaire
We defined couples’ account sharing as:
● The partner has ready access or the ability to
access the participant-owned account; or
● The partner must use the participant-owned
account account more than “never”; or
● The participant must use the partner-owned
account account more than “never”; or
● The account is jointly owned by both the
participant and their partner.
8Cori Faklaris - August 2018 - Carnegie Mellon University - Page 8
9. Methodology: Data analysis
● Quantitative analysis to infer how demographic or relationship
variables affected sharing for n=174 participants.
○ Hypothesis 1: Those who are younger and more educated would
report sharing less. Not supported.
○ Hypothesis 2: Those who reported less income and were in a
relationship or cohabiting for a longer time would report sharing
more. Partly supported.
● Qualitative analysis to identify themes in open-ended responses
to questions about sharing motivations and methods.
○ Iterative coding of text responses conducted by 3 authors (α = 0.49-0.79).
9Cori Faklaris - August 2018 - Carnegie Mellon University - Page 9
10. Trigger for sharing - romantic ‘leap of faith’?
● Statistically significant differences in
account sharing were found for marital
status, cohabitation status, relationship
duration, and cohabitation duration, with
positive effect sizes. (RQ1)
● Effects are more pronounced in male
subgroups than females (although gender
itself is not significant). (RQ1)
○ Possibly reflecting that males traditionally are
registered owners of properties used by couples?
10Cori Faklaris - August 2018 - Carnegie Mellon University - Page 10
11. First comes Netflix, then comes Costco …
11
● People in new relationships
(<7 months duration) share more
entertainment accounts. (RQ2)
○ Those in new relationships also
share significantly fewer financial
accounts. (RQ2)
● People who are in relationships
that are not new (>= 7 months in
duration) share more jointly
owned accounts. (RQ2)
Proportion of
accounts shared,
by categories of
accounts.
Cori Faklaris - August 2018 - Carnegie Mellon University - Page 11
12. People reported sharing accounts for reasons that fell into one
of four general categories:
● Convenience (63.8% of responses).
● Household maintenance:
○ Economics (60.1%).
○ Logistics (67.3%).
● Trust (45.3%).
● Relationship maintenance:
○ Relationship well-being (20.9%).
○ Support (5.6%).
Account sharing is both functional & emotional
12Cori Faklaris - August 2018 - Carnegie Mellon University - Page 12
$
13. Functional: Convenience, Household Maintenance
● “These are common streaming accounts that
we share. There is no need for us to have our
own accounts when it comes to streaming.”
● “We have been married for 7 years so far and
have 2 kids. We both need to know what we
have in the accounts in order to make purchase
and pay bills. It[']s important we have a
working knowledge of the money we share.”
13Cori Faklaris - August 2018 - Carnegie Mellon University - Page 13
14. Emotional: Trust, Relationship Maintenance
● “I choose to share for utilities because I trust
my partner, and believe both people should
have access to them.”
● “[We share accounts] to discuss sports and see
highlights of the night before. [We] use [it] for
different content also.”
● “I already had a netflix account before we
started dating. ... I gave her my password so she
could watch when we weren't together.”
14Cori Faklaris - August 2018 - Carnegie Mellon University - Page 14
15. Many usability challenges for couples sharing
● Some participants reported using less-secure
practices or “workarounds” for accounts that
didn’t easily accommodate secure sharing.
○ Ex: “The amazon account is automatically signed
in. We both use it/share the Prime account to keep
costs down and use our own credit cards attached
to it.”
● Some participants mentioned hiding accounts
or keeping separate accounts to guard privacy
or individuality, also for surprises or gifts.
15Cori Faklaris - August 2018 - Carnegie Mellon University - Page 15
16. Alternative to ‘1 user-1 account’ architecture
● We suggest designing a security architecture to support the
“multiple profile - 1 account” model used by Netflix & Hulu as a
way to help romantic partners balance data intimacy and privacy.
16Cori Faklaris - August 2018 - Carnegie Mellon University - Page 16
Me Us Kids
17. Alternative to ‘1 user-1 account’ architecture
● We suggest designing a security architecture to support the
“multiple profile - 1 account” model used by Netflix & Hulu as a
way to help romantic partners balance data intimacy and privacy.
17Cori Faklaris - August 2018 - Carnegie Mellon University - Page 17
Secured Account
Individual 1’s data
Individual 2’s data
Shared
data
18. Alternative model 2: ‘1 user-but sharing data’
18Cori Faklaris - August 2018 - Carnegie Mellon University - Page 18
Another
example
from
Google
Photos
Source:
https://www.a
ndroidpit.com
/how-to-use-g
oogle-photos
Me
My partner
19. Alternative model 3: Group password managers
19Cori Faklaris - August 2018 - Carnegie Mellon University - Page 19
Family
sharing -
1Password
Source:
https://www.ho
wtogeek.com/2
43849/how-to-s
afely-share-pas
swords-with-fa
mily-members/
20. Challenges = opportunity for financial brands?
● Our data show a long tail of account sharing by brand. Usability
improvements for couples could help in gaining market share.
20
Number of users
for accounts
reported shared
by >=10
participants and
partner.
Cori Faklaris - August 2018 - Carnegie Mellon University - Page 20
21. Many usability challenges for those breaking up
● For jointly owned accounts, incorporate
programming to easily allow for the splitting
of accounts when couples part ways.
21Cori Faklaris - August 2018 - Carnegie Mellon University - Page 21
Me The Ex Kids
22. Many usability challenges for those breaking up
● Help users to keep track of unauthorized
usages of their accounts through such
methods as notifications and reminders.
22Cori Faklaris - August 2018 - Carnegie Mellon University - Page 22
Anomalies in your account have been detected.
Review sharing settings? Yes Not now
23. 1. The “1 user - 1 account” model of end-user
cybersecurity poses usability challenges for
romantic couples.
2. Design for account sharing to support
relationship maintenance along with trust,
household maintenance, and convenience.
Any questions?
You can find me at
○ Twitter: @heycori | Email: heycori @cmu.edu
○ Website: http://corifaklaris.com
23Page 23