We are virtually in Hawai'i, aloha! This year, two HITS papers were accepted for the LBW-track of this year's CHI 2024, taking place from 11-16 May!
The first paper by Emiram, Katharina and Patricia arised from Katharina's master thesis and gives a first look into the usability of Credential Audit (CA) Interfaces in Password Managers. CA Interfaces or also called Security Dashboards are features of Password Managers that identify weak, reused, compromised passwords and more. We conducted 11 semi-structured interviews with Password Managers users, asking about awareness, motivations of (non-) adoption, perceived usability and improvements. Our study reveals security as the primary motivator for adoption and shows that despite feeling overwhelmed by the interface, participants expressed a commitment to enhance their password security by using credential audit tools. From the usability perspective, users would like to have more clarity and transparency in the feedback provided by the CA. With this first paper about the usability and motivators for using CA tools, we hope that more research works will follow to explore CA interfaces in future.
Check the presentation video on YouTube and read the full paper here.
Together with Jorrit Geels and Hanna Schraffenberger from Radboud University (the Netherlands), Yorick worked on a paper about using identity wallets for digitally signing documents . Documents are largely stored and shared digitally, but are often still signed using (copies of) handwritten signatures, which are sensitive to fraud. Though secure, cryptography-based signature solutions exist, they are hardly used due to usability issues. Our paper proposes to use digital identity wallets for securely and intuitively signing digital documents with verified personal data. We implemented this vision in a prototype application, which was assessed in a moderated usability test with 15 participants and a remote unmoderated usability test with 99 participants. While participants generally expressed satisfaction with the system, they also misunderstood how to interpret the signature information displayed by the prototype. Specifically, participants also trusted documents signed with irrelevant data. We conclude that such unwarranted trust forms a threat to usable digital signatures and requires attention by the usable security community.
Check the presentation video on this paper on YouTube and read the full paper here.
Reach out to us for questions or to talk about research!