Systematization of Password Manager Use Cases and Design Paradigms

James Simmons, Oumar Diallo, Sean Oesch, Scott Ruoti

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

11 Scopus citations

Abstract

Despite efforts to replace them, passwords remain the primary form of authentication on the web. Password managers seek to address many of the problems with passwords by helping users generate, store, and fill strong and unique passwords. Even though experts frequently recommend password managers, there is limited information regarding their usability. To aid in designing such usability studies, we systematize password manager use cases, identifying ten essential use cases, three recommended use cases, and four extended use cases. We also systematize the system designs employed to satisfy these use cases, designs that should be examined in usability studies to understand their relative strengths and weaknesses. Finally, we describe observations from 136 cognitive walkthroughs exploring the identified essential use cases in eight popular managers. Ultimately, we expect that this work will serve as the foundation for an explosion of new research into the usability of password managers.

Original languageEnglish
Title of host publicationProceedings - 37th Annual Computer Security Applications Conference, ACSAC 2021
PublisherAssociation for Computing Machinery
Pages528-540
Number of pages13
ISBN (Electronic)9781450385794
DOIs
StatePublished - Dec 6 2021
Externally publishedYes
Event37th Annual Computer Security Applications Conference, ACSAC 2021 - Virtual, Online, United States
Duration: Dec 6 2021Dec 10 2021

Publication series

NameACM International Conference Proceeding Series

Conference

Conference37th Annual Computer Security Applications Conference, ACSAC 2021
Country/TerritoryUnited States
CityVirtual, Online
Period12/6/2112/10/21

Keywords

  • Expert review
  • Password managers
  • Systematization

Fingerprint

Dive into the research topics of 'Systematization of Password Manager Use Cases and Design Paradigms'. Together they form a unique fingerprint.

Cite this