Cryptography Reference
In-Depth Information
master password on the terminal, the rest of the process being farily oblivious to the
user. The only distinction among these PMs are the underlying software interfaces.
According to the reviews available online [15][16], we chose Roboform2Go as our
USB manager, KeePassMobile as the Phone manager and LastPass as the Online man-
ager. Based on their popularity, we believe these three PMs are quite suitable for our
usability study which aims at comparing the three PM categories (USB, Phone and
Online). We also believe that our selection, and our use of existing and deployed imple-
mentations was a better approach than trying to pursue our study with our own (likely
unpolished) research prototypes of the PMs.
Devices:
We used common devices that most users are quite familiar with. We used
Imation 2GB USB 2.0 thumb drive [17] - as our USB manager - with RoboForm2Go
software. We chose Nokia 5310 mobile phone [18] as our Phone manager installed with
KeePassMobile. We used a Dell Desktop as our primary authentication terminal and a
Sony Laptop for the purpose of login from another terminal (see Section 4.2).
Browser:
Based on its popularity [19], Mozilla Firefox was used as the Internet browser
throughout our study. Participants were instructed to authenticate, using the three pass-
word managers, to a popular web email service - Gmail.
4
Usability Testing Details
Having made a selection of a password manager for each category (as discussed in Sec-
tion 3), we are now ready to start the usability study. The most obvious method to record
responses from a user is through the use of a 5-point Likert scale, in addition to open-
ended and multiple choice personal preference questionnaires. The questionnaires were
handed over to a user depending on which stage of testing he/she was at. The
During
Te s t
questionnaire was posed after the respondent finished performing each one of the
five tasks common to all the three password managers (these tasks will be discussed in
Section 4.2). The
Post Test
questionnaires, on the other hand, were asked after all the
three password managers had been tested by each user. Based on our discussion in Sec-
tion 2, we decided to evaluate and compare the password managers with respect to the
following usability and security measures. (A similar set of measures have previously
been used in the study of [12]).
•
During Test -
1.
Toughness:
how tough it was to execute each task? (1 question was posed)
2.
Satisfaction:
how satisfied the users felt with each task? (1 question was posed)
•
Post Test -
1.
Giving Control:
how users felt while giving control into the hands of a soft-
ware/tool to manage their passwords? (4 questions were posed)
2.
Perceived Ease:
did users find the password manager easy to use? (5 questions
were posed)
Search WWH ::
Custom Search