A long-term trial of alternative user authentication technologies |
Modern IT systems have a continued requirement for reliable user authentication at login. However, the majority of systems are still using username/password combinations, in spite of a variety of recognised weaknesses. Identifies the need for improved login authentication, and investigates the suitability of two alternative methods, using cognitive questions and an image-based PIN. The effectiveness of these techniques has already been evaluated in an earlier study, which assessed users' ability to recall the necessary information after a prolonged period of inactivity. Here, the evaluation is focused on the perceived acceptability of the techniques, based upon users' longer-term opinions arising from a period of regular usage. Discovers that 56 per cent of the participants would support the use of such techniques as a replacement for traditional password or numeric PIN-based authentication. However, also discovers that some users have the potential to compromise the security of the methods by using them inappropriately. As such, concludes that, although the use of alternative authentication techniques is viable, further research is needed to refine the approaches and identify the best combination of methods across a larger base of users
Furnell SM, Papadopoulos I, Haskell-Dowland PS (Dowland PS)