Case Study Exploring Childrens Password Knowledge and Practices
Yee-Yin Choong, Mary F. Theofanos, Karen Renaud, Suzanne Prior
Children use technology from a very young age, and often have to authenticate themselves. Yet very little attention has been paid to designing authentication specifically for this particular target group. The usual practice is to deploy the ubiquitous password, and this might well be a suboptimal choice. Designing authentication for children requires acknowledgement of child-specific developmental challenges related to literacy, cognitive abilities and differing developmental stages. Understanding the current state of play is essential, to deliver insights that can inform the development of child-centred authentication mechanisms and processes. We carried out a systematic literature review of all research related to children and authentication since 2000. A distinct research gap emerged from the analysis. Thus, we designed and administered a survey to school children in the United States (US), so as to gain insights into their current password usage and behaviors. This paper reports preliminary results from a case study of 189 children (part of a much larger research effort). The findings highlight age-related differences in childrens password understanding and practices. We also discovered that children confuse concepts of safety and security. We conclude by suggesting directions for future research. This paper reports on work in progress.
Proceedings of 2019 Workshop on Usable Security (USEC)
February 24, 2019
San Diego, CA
Workshop on Usable Security and Privacy (USEC) 2019