designing login interfaces for mobiles
TRANSCRIPT
Designing Login Interfaces for Mobiles
Rohit Ashok Khot
“Nearly all men can stand adversity, but if you want to test a man’s character, give him power .”
Abraham Lincoln & Duarte
Point
Roadmap
I have story for every step of the way, so stay with me
1WHY
2WHAT
3HOW
Why? User Authen@ca@on
Personalized services & ConfidenJal access
1
Anything that reduces
Human Effort and saves Time.
The informa@on bubble
What is easy to remember ?
With
Great Power comes Great Responsibility.
The Web: An oxymoron
The Dream
The Reality
Web for good things
Web as privacy breach
Shoulder-‐surfing
The clear and present danger
Key loggers
Malwares
Phishing aOacks Reply aOacks
Brute Force
Social engineering aOacks
Educated guess (Dic@onary based) aOacks
Easy solu@on, but is it worth?.
What is easy to remember ?
1. User Authen@ca@on “The problem with securing assets and their func@onality is that, by defini@on, you don’t want to
protect them from everybody.” – Bruce Schneier.
User Authen@ca@on
PASSWORDS
• Simple to use, easy to understand.
• Familiar to most users. • Require no costly hardware or training.
• Easy to distribute and update. • No privacy worries.
Benefits
Passwords: Achilles’s heel of security system …
The whole no@on of passwords is based on an oxymoron: Having a random string that is easy to remember.
Usability of PASSWORDS
• Complexity. • Quan@ty. • Inconvenience.
Core Usability Problems
Complexity: Numbers, special characters, Randomiza@on
Quan@ty: Almost everyone wants a password.
Inconvenience: Asterisks
?
Wait… what about security issues?
There are in fact, a plenty.
Problem 1: Brute force and Dic@onary based aOacks
Problem 2: Malware and phishing aOacks
Problem 3: Shoulder surfing
A day at the ATM
We are being watched.
Covertly…
?
Therefore… What can We do about it?
Some interesJng soluJons
Idea 1: Change your pet’s name to your password.
Problem: Pets have tendency to die.
Idea 2: Buy and wear a password vest.
Problem: Emergency can strike at any @me.
Idea 3: Write on your skin or use password taOoos.
Problem: You have to tolerate odor or don’t bath.
Idea 4: Hire a password manager.
Problem: Missed connec@on.
Idea 5: Will it really work?
Idea 6: May God bless you with passwords.
?
Can we balance the need to Remember the password with the necessity of password being as Random as possible?
Let us look into CogniJve psychology!
2 What ? are We solving…
What about MOBILES
Why Mobile?
Why Mobile?
Why Mobile?
Why Mobile?
2. Designing for Mobiles
“Should not be Ad-‐hoc.”
The Advancements in User Interfaces
• Codified • Strict
• Metaphor • Exploratory
• Direct • Intui@ve
CLI
GUI
NUI
No Advancements in Login Interfaces
• Text password
• Text password
• Text password
CLI
GUI
NUI
Problem: Fat Finger problem.
Problem: Less context and no hover state.
Results: Erroneous typing and inaccurate clicks.
Difficulty in squeezing a full QWERTY keyboard.
44
44
3 How ? Can we Contribute…
EvaluaJon the usability of five authenJcaJon schemes for mobiles
Method 1: Normal keyboard based entry
Method 2: Fast words based entry
Fast words
Method 1: Morse code based entry
Gmail Tap: Not exactly an April Fool
Method 4: Image based entry
Picture Superiority Effect
What is easy to remember ?
Have you seen any of the presented images before?
Recogni@on based graphical passwords
Method 5: Gesture based entry
Picture Superiority Effect
?
But wait… There’s More!
Future Work!
Building Secure systems that people use
through User centered design.
Mom and Dad
Special Thanks
Marty Bucella
PreCog Labmates
Dr. Kannan Srinathan SID, IndiaHCI commiOee
Par@cipants
Dr. Ponnurangam Kumaraguru
Deep@, Viraj, Rutuja
