Published: August 02, 2015
Author(s)
Cathryn Ploehn (NIST), Kristen Greene (NIST)
Conference
Name: 3rd International Conference on Human Aspects of Information Security, Privacy and Trust
Dates: August 2-7, 2015
Location: Los Angeles, California, United States
Citation: Human Aspects of Information Security, Privacy, and Trust: Third International Conference, HAS 2015, Lecture Notes in Computer Science vol. 9190, pp. 95-106
Password management is the ubiquitous struggle of the modern human. Despite usability playing a vital role in authentication, many password policies and requirements focus on security without sufficient consideration of human factors. In fact, security and usability needs are often in contention. Until an improved authentication method beyond character input is developed and implemented on a large scale, developing new methodologies for balancing these competing requirements is vital.
This research project focused on building a data visualization tool to explore password usability and security metrics. The visualization tool integrates various measurements of passwords, enabling the exploration of the intersection of their usability and security components. The tool is based on insight from previously gathered data from usability studies conducted at the United States National Institute of Standards and Technology. It also leverages web technologies to flexibly display data sets computed from sets of passwords. The tool is available at https://github.com/usnistgov/DataVis.
Password management is the ubiquitous struggle of the modern human. Despite usability playing a vital role in authentication, many password policies and requirements focus on security without sufficient consideration of human factors. In fact, security and usability needs are often in contention....
See full abstract
Password management is the ubiquitous struggle of the modern human. Despite usability playing a vital role in authentication, many password policies and requirements focus on security without sufficient consideration of human factors. In fact, security and usability needs are often in contention. Until an improved authentication method beyond character input is developed and implemented on a large scale, developing new methodologies for balancing these competing requirements is vital.
This research project focused on building a data visualization tool to explore password usability and security metrics. The visualization tool integrates various measurements of passwords, enabling the exploration of the intersection of their usability and security components. The tool is based on insight from previously gathered data from usability studies conducted at the United States National Institute of Standards and Technology. It also leverages web technologies to flexibly display data sets computed from sets of passwords. The tool is available at https://github.com/usnistgov/DataVis.
Hide full abstract
Keywords
data visualization; usable security; keystrokes; entropy; password policies; password permutation
Control Families
None selected