TY - GEN
T1 - Systematization of Password Manager Use Cases and Design Paradigms
AU - Simmons, James
AU - Diallo, Oumar
AU - Oesch, Sean
AU - Ruoti, Scott
N1 - Publisher Copyright:
© 2021 Copyright held by the owner/author(s). Publication rights licensed to ACM.
PY - 2021/12/6
Y1 - 2021/12/6
N2 - Despite efforts to replace them, passwords remain the primary form of authentication on the web. Password managers seek to address many of the problems with passwords by helping users generate, store, and fill strong and unique passwords. Even though experts frequently recommend password managers, there is limited information regarding their usability. To aid in designing such usability studies, we systematize password manager use cases, identifying ten essential use cases, three recommended use cases, and four extended use cases. We also systematize the system designs employed to satisfy these use cases, designs that should be examined in usability studies to understand their relative strengths and weaknesses. Finally, we describe observations from 136 cognitive walkthroughs exploring the identified essential use cases in eight popular managers. Ultimately, we expect that this work will serve as the foundation for an explosion of new research into the usability of password managers.
AB - Despite efforts to replace them, passwords remain the primary form of authentication on the web. Password managers seek to address many of the problems with passwords by helping users generate, store, and fill strong and unique passwords. Even though experts frequently recommend password managers, there is limited information regarding their usability. To aid in designing such usability studies, we systematize password manager use cases, identifying ten essential use cases, three recommended use cases, and four extended use cases. We also systematize the system designs employed to satisfy these use cases, designs that should be examined in usability studies to understand their relative strengths and weaknesses. Finally, we describe observations from 136 cognitive walkthroughs exploring the identified essential use cases in eight popular managers. Ultimately, we expect that this work will serve as the foundation for an explosion of new research into the usability of password managers.
KW - Expert review
KW - Password managers
KW - Systematization
UR - http://www.scopus.com/inward/record.url?scp=85121592174&partnerID=8YFLogxK
U2 - 10.1145/3485832.3485889
DO - 10.1145/3485832.3485889
M3 - Conference contribution
AN - SCOPUS:85121592174
T3 - ACM International Conference Proceeding Series
SP - 528
EP - 540
BT - Proceedings - 37th Annual Computer Security Applications Conference, ACSAC 2021
PB - Association for Computing Machinery
T2 - 37th Annual Computer Security Applications Conference, ACSAC 2021
Y2 - 6 December 2021 through 10 December 2021
ER -