Scientists from Brigham Young University (BYU) have conducted a study on the reasons why people tend to ignore computer security warnings and the most opportune moment to show these alerts.

Researchers had people complete computer tasks while an fMRI device would record their brain activity. The BYU team discovered that neural activity decreased when security warnings interrupted the user from ongoing tasks.

The research showed that people focused on the security warning when the alert would come after or before an action. They explain this quirk because of our inability to multi-task.

Alerts are inefficient because they interrupt users

From all tested subjects, the BUY team says that 74 percent of people ignored the security messages when they were about to close a window, 79 percent ignored them when they were watching a video, and 87 percent disregarded the alerts when transferring information, such as a file, or entering a confirmation code.

Jeff Jenkins, study lead author, says that software developers "can mitigate this problem simply by finessing the timing of the warnings. Waiting to display a warning to when people are not busy doing something else increases their security behavior substantially."

The team says that the best timing for showing a security warning is after watching a video, while the user is waiting for a page to load, or after already interacting with a website, but not when the user is ready to leave.

Problem relies with the developer community, not with users

Unfortunately, he and his colleagues go on to say that the software industry doesn't take into account the timing of security warnings at all.

To get the ball rolling and address how software developers deal with security warnings, the BYU researchers reached out and collaborated with Google Chrome security engineers.

The Google team was so impressed by the BYU research that they said they'd be adjusting the timing at which they show the popup for the Chrome Cleanup Tool, a security message in Google Chrome for Windows.