The Authentication Equation: A Tool to Visualize the Convergence of Security and Usability of Text-Based Passwords

Published: August 04, 2015

Author(s)

Cathryn A. Ploehn, Kristen Greene

Abstract

Password management is the ubiquitous struggle of the modern human. Despite usability playing a vital role in authentication, many password policies and requirements focus on security without sufficient consideration of human factors. In fact, security and usability needs are often in contention. Until an improved authentication method beyond character input is developed and implemented on a large scale, developing new methodologies for balancing these competing requirements is vital. This research project focused on building a data visualization tool\\ (https://github.com/usnistgov/DataVis) to explore password usability and security metrics. The visualization tool integrates various measurements of passwords, enabling the exploration of the intersection of their usability and security components. The tool is based on insight from previously gathered data from usability studies conducted at the United States National Institute of Standards and Technology. It also leverages web technologies to flexibly display data sets computed from sets of passwords.
Proceedings Title: In Proceedings of the 2015 Human Computer Interaction International Conference
Conference Dates: August 2-7, 2015
Conference Location: Los Angeles, CA
Conference Title: 17th International Conference on Human-Computer Interaction (HCII 2015)
Pub Type: Conferences

Keywords

data visualization, usable security, keystrokes, entropy, password policies, password permutation
Created August 04, 2015, Updated February 19, 2017