Human Factors of Security Systems
Users are often described as “the weakest link” in security systems. Rather than blaming users, my research focuses on understanding the characteristics, limitations, goals, and tasks of users. For example, users have limited ability to memorize multiple, arbitrary passwords so alternatives to numerous userid-password pairs need to be explored. Also, users often have a poor understanding and appreciation of security systems, so the need to educate and motivate users is important. Finally, users goals and tasks often conflict with proper use of security measures, so understanding these goals is important for successful security system design.
Outcome from this work includes:
- A preliminary summary of human factors issues associated with security systems, with a focus on password-based access control
- A workshop on HCI & Security took place at the CHI 2003 Conference
- We have recently completed a review of the usability of some biometric security devices