The Password Authentication from the User's Perspective

Abstract

The goal of this paper is to evaluate the password authentication from the end user’s point of view with respect to the ability of these users. Firstly, requirements to usable passwords are defined in accordance with usability engineering terminology, concretely learnability, efficiency, memorability, satisfaction and errors of a password. Then, through an experimental study the factors that affect various aspects of passwords usability are investigated. The goal of this experimental study was to investigate the trade-off between security and memorability in the real world context and to investigate whether the education of end users regarding the creation of secure passwords affects the security of their passwords. The participants were divided to six sub-groups according to whether they were or were not trained about passwords security and according to instructions how they were expected to choose their passwords. Data obtained through this controlled experiment are analysed and based on this analysis there are formulated conclusions in this paper.