Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Discipline
Articles 1 - 8 of 8
Full-Text Articles in Physical Sciences and Mathematics
Managing Two-Factor Authentication Setup Through Password Managers, Jonathan William Dutson
Managing Two-Factor Authentication Setup Through Password Managers, Jonathan William Dutson
Theses and Dissertations
Two-factor authentication (2FA) provides online accounts with protection against remote account compromise. Despite the security benefits, adoption of 2FA has remained low, in part due to poor usability. We explore the possibility of improving the usability of the 2FA setup process by providing setup automation through password managers. We create a proof-of-concept KeePass (a popular password manager) extension that adds browser-based automation to the 2FA setup process and conduct a 30-participant within-subjects user study to measure user perceptions about the system. Our system is found to be significantly more usable than the current manual method of 2FA setup for multiple …
Resolving The Privacy Paradox: Bridging The Behavioral Intention Gap With Risk Communication Theory, Justin Chun Wah Wu
Resolving The Privacy Paradox: Bridging The Behavioral Intention Gap With Risk Communication Theory, Justin Chun Wah Wu
Theses and Dissertations
The advent of the Internet has led to vastly increased levels of data accessibility to both users and would-be attackers. The privacy paradox is an established phenomenon wherein users express concern about resultant security and privacy threats to their data, but nevertheless fail to enact the host of protective measures that have steadily become available. The precise nature of this phenomenon, however, is not a settled matter. Fortunately, risk communication theory, a discipline devoted to understanding the factors involved in risk-oriented decision-making and founded in years of empirical research in public health and disaster awareness domains, presents an opportunity to …
User Attitudes About Duo Two-Factor Authentication At Byu, Jonathan Dutson
User Attitudes About Duo Two-Factor Authentication At Byu, Jonathan Dutson
Undergraduate Honors Theses
Simple password-based authentication provides insufficient protection against increasingly common incidents of online identity theft and data loss. Although two-factor authentication (2FA) provides users with increased protection against attackers, users have mixed feelings about the usability of 2FA. We surveyed the students, faculty, and staff of Brigham Young University (BYU) to measure user sentiment about DUO Security, the 2FA system adopted by BYU in 2017. We find that most users consider DUO to be annoying, and about half of those surveyed expressed a preference for authentication without using a second-factor. About half of all participants reported at least one instance of …
Evaluating The Usability Of Two-Factor Authentication, Kendall Ray Reese
Evaluating The Usability Of Two-Factor Authentication, Kendall Ray Reese
Theses and Dissertations
Passwords are the dominant form of authentication on the web today. However,many users choose weak passwords and reuse the same password on multiple sites, thus increasing their vulnerability to having their credentials leaked or stolen. Two-factor authentication strengthens existing password authentication schemes against impersonation attacks and makes it more difficult for attackers to reuse stolen credentials on other websites. Despite the added security benefits of two-factor authentication, there are still many open questions about its usability. Many two-factor authentication systems in widespread usage today have not yet been subjected to adequate usability testing. Previous comparative studies have demonstrated significant differences …
Usable, Secure Content-Based Encryption On The Web, Scott Ruoti
Usable, Secure Content-Based Encryption On The Web, Scott Ruoti
Theses and Dissertations
Users share private information on the web through a variety of applications, such as email, instant messaging, social media, and document sharing. Unfortunately, recent revelations have shown that not only is users' data at risk from hackers and malicious insiders, but also from government surveillance. This state of affairs motivates the need for users to be able to encrypt their online data.In this dissertation, we explore how to help users encrypt their online data, with a special focus on securing email. First, we explore the design principles that are necessary to create usable, secure email. As part of this exploration, …
Browser-Based Manual Encryption, Yuanzheng Song
Browser-Based Manual Encryption, Yuanzheng Song
Theses and Dissertations
Billions of web-based email and chat messages are sent over the Internet every day. However, very few service providers support end-to-end privacy protection. While providing security for these messages is technically feasible, usability remains a challenge in this field. Recent research attempts to hide security details like key management and encryption in order to make the system more usable. However usability studies demonstrated that hiding these details may confuse the user and contribute to mistakes (e.g., sending out an email in plaintext when the user thought it would be encrypted). In an effort to increase trust and eliminate mistakes, this …
Pwm: A Secure Webmail System Designed For Easy Adoption, Benjamin W. Burgon
Pwm: A Secure Webmail System Designed For Easy Adoption, Benjamin W. Burgon
Theses and Dissertations
None of the three largest webmail service providers (serving over 1 billion users) support end-to-end message encryption. Encrypted email has never seen mass adoption because it is prohibitive for non-experts to use. Private WebMail (Pwm) is our extension to popular webmail systems that lets users easily encrypt sensitive messages without having to first contact the recipient and share information. It is designed to spread quickly in a grassroots fashion so that a user receiving their first encrypted message can quickly and easily start using the system. This thesis describes the design and implementation of Pwm, then measures its usability through …
Message Protector: Demonstrating That Manual Encryption Improves Usability, Nathan I. Kim
Message Protector: Demonstrating That Manual Encryption Improves Usability, Nathan I. Kim
Theses and Dissertations
Billions of people currently use the Internet. Many Internet users share sensitive information through online services. Several secure data sharing tools have been developed to protect this sensitive information. A common practice in the design of usable security is to provide automatic data encryption that is transparent to users. We hypothesize that automatic encryption can decrease usability and comprehensibility, increasing the likelihood that users will unknowingly disclose sensitive information. This thesis presents Message Protector (MP), a novel Internet secure data sharing tool design that through manual encryption, purposely exposes technical details in a usable manner to increase usability and reduce …