The Authentication Equation: A Tool to Visualize the Convergence of Security and Usability of Text-Based Passwords

• Published in: Human Aspects of Information Security, Privacy, and Trust pp. 95 - 106
• Main Authors: Ploehn, Cathryn A., Greene, Kristen K.
• Format: Book Chapter
• Language: English
• Published: Cham Springer International Publishing 2015
• Series: Lecture Notes in Computer Science
• Subjects: Data visualization; Entropy; Keystrokes; Password permutation; Password policies; Usable security
• ISBN: 9783319203751; 3319203754
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-319-20376-8_9

Password management is a ubiquitous struggle of the modern human. Despite usability playing a vital role in authentication, many password policies and requirements focus on security without sufficient consideration of human factors. In fact, security and usability needs are often in contention. Until an improved authentication method beyond character input is implemented on a large scale, developing new methodologies for balancing competing requirements is vital. This research project focused on building a data visualization tool to explore password usability and security metrics. The visualization tool integrates various measurements of passwords, enabling exploration of the intersection of their usability and security components. The tool is based on insight from previously gathered data from usability studies conducted at the United States National Institute of Standards and Technology. It also leverages web technologies to flexibly display data sets computed from sets of passwords. The tool is available at https://github.com/usnistgov/DataVis.