Security and usability: the case of the user authentication methods
41. Robert JM. Braz C., 2006, Security and usability: the case of the user authentication methods, Montreal, ACM 1-59593-350-6.
a. The authentication process is essential for controlling the access to various resources and facilities. The design of usable yet secure user authentication methods raises crucial questions concerning how to solve conflicts between security and usability goals.
b. User authentication is the entry point to different computing networks or facilities in which a set of services are rendered to users or a set of tasks can be performed. Security usability is concerned with the study of how security information should be handled in the user interface [6] and how security should be easy to use. This paper presents the usability security issues of the user authentication methods in the computer security and access control domains.
c. The potential conflicts between security and usability might be minimized by making use of some general design heuristics principles such as minimize the user input, make decisions in the name of the user, notify the user of actions taken upon her/his behalf, and provide the user the capability to undo those actions when possible, and if not to minimize their impact.
d. Passwords are the first line of defence against attacks to a computer system. The rules for password choice can be certainly a cumbersome problem for a user and a security problem for a system.
e. To be able to build reliable, effective and usable security systems, we need specific guidelines that take into account the specific constraints of security mechanisms. Systems should be built so as to be easy to learn and use by users with different backgrounds and skills.
f. Human factors should be incorporated into the development of security solutions where usability is central during the whole development process.

Admin
