Details
Original language | English |
---|---|
Title of host publication | CHI '24 |
Subtitle of host publication | Proceedings of the CHI Conference on Human Factors in Computing Systems |
Number of pages | 19 |
ISBN (electronic) | 9798400703300 |
Publication status | Published - 11 May 2024 |
Event | 2024 CHI Conference on Human Factors in Computing Systems, CHI 2024 - Hybrid, Honolulu, United States. Duration: 11 May 2024 → 16 May 2024 |
Abstract
Fallback authentication, the process of re-establishing access to an account when the primary authenticator is unavailable, holds critical significance. Approaches range from secondary channels like email and SMS to personal knowledge questions (PKQs) and social authentication. A key difference to primary authentication is that the duration between enrollment and authentication can be much longer, typically months or years. However, few systems have been studied over extended timeframes, making it difficult to know how well these systems truly help users recover their accounts. We also lack meaningful comparisons of schemes as most prior work examined two mechanisms at most. We report the results of a long-term user study of the usability of fallback authentication over 18 months to provide a fair comparison of the four most commonly used fallback authentication methods. We show that users prefer email and SMS-based methods, while mechanisms based on PKQs and trustees lag regarding successful resets and convenience.
Keywords
- email, fallback authentication, personal knowledge questions, SMS
ASJC Scopus subject areas
- Computer Science(all)
  - Human-Computer Interaction
  - Computer Graphics and Computer-Aided Design
  - Software
Cite this
CHI '24: Proceedings of the CHI Conference on Human Factors in Computing Systems. 2024. 970.
Research output: Chapter in book/report/conference proceeding › Conference contribution › Research › peer review
TY - GEN
T1 - A Comparative Long-Term Study of Fallback Authentication Schemes
AU - Lassak, Leona
AU - Markert, Philipp
AU - Golla, Maximilian
AU - Stobert, Elizabeth
AU - Dürmuth, Markus
N1 - Publisher Copyright: © 2024 Copyright held by the owner/author(s)
PY - 2024/5/11
Y1 - 2024/5/11
KW - email
KW - fallback authentication
KW - personal knowledge questions
KW - SMS
UR - http://www.scopus.com/inward/record.url?scp=85194896591&partnerID=8YFLogxK
U2 - 10.1145/3613904.3642889
DO - 10.1145/3613904.3642889
M3 - Conference contribution
AN - SCOPUS:85194896591
BT - CHI '24
T2 - 2024 CHI Conference on Human Factors in Computing Systems, CHI 2024
Y2 - 11 May 2024 through 16 May 2024
ER -