Hacked Time: Design and Evaluation of a Self-Efficacy Based Cybersecurity Game

A major reason why people don't use security tools online is that they perceive them as difficult and challenging, resulting in the lack of self-efficacy. Previous research has looked at improving user security attitude and practices through a variety of interventions, including transformational games. These games, targeted at improving security attitude and promoting change through gameplay, offer a new perspective on cybersecurity education. In this research we present the design and evaluation of Hacked Time, a desktop game that uses an integrative approach that incorporates Bandura's self-efficacy design framework to improve player self-efficacy. Using a randomized control trial (n=178), we demonstrate that our game is effective in improving player's security attitude and self-efficacy for using cybersecurity tools. We discuss how our design pattern can serve as an exemplar to enhance player self-efficacy in other fields.