Technical Reports: CMU-CyLab-13-002

Title: Warning Design Guidelines
Authors: Lujo Bauer, Cristian Bravo-Lillo, Lorrie Cranor, and Elli Fragkaki
Publication Date: February 5, 2013


This document contains a set of guidelines aimed at helping software designers and developers in designing more effective warning dialogs. These guidelines were compiled from available literature on usable security and warnings research and from Human Interface Guidelines for three broadly used operating systems: Windows, MacOS, and Linux.

A brief description of the guidelines follows:

  1. Describe the risk comprehensively: Warnings are meant to alert the user of an impending risk to her information or her identity. Whenever a warning is used, the risk that motivates the usage of a warning should be identified and presented clearly.
  2. Be concise and accurate: Warnings always interrupt the user. If too long, overly technical, inaccurate, or ambiguous, a warning will simply be discarded and its purpose will be lost.
  3. Offer meaningful options: Warnings should present understandable choices, and enough information to decide between them.
  4. Present relevant contextual information: In most contexts that require a warning to be shown, a computer or software system cannot make a decision on behalf of the user. Warnings should present relevant contextual information that allows the user to make an informed decision.
  5. Present relevant auditing information: In some contexts, actions have been performed in the past that may help a user understand the risks associated with the choice she needs to make. In such cases, relevant auditing information should be presented.
  6. Follow a consistent layout: Warnings that follow a common visual layout can be recognized faster. We suggest a common layout based on the Human Interface Guidelines (HIG) of the most broadly used operating systems.

Full Report: CMU-CyLab-13-002