Annual Computer Security Applications Conference (ACSAC) 2021

Systematization of Password Manager Use Cases and Design Paradigms

Despite efforts to replace them, passwords remain the primary form of authentication on the web. Password managers seek to address many of the problems with passwords by helping users generate, store, and fill strong and unique passwords. Even though password managers are frequently recommended by experts, there is limited information regarding their usability. To aid in the design of such usability studies, we systematize password manager use cases, identifying 10 essential use cases, 3 recommended use cases, and 4 extended use cases. We also systematize design paradigms that can be used to satisfy these use cases, paradigms that should be examined in usability studies to understand their relative strengths and weaknesses. Finally, we describe observations from a series of 136 cognitive walkthroughs exploring the identified essential use cases in 8 popular managers. Ultimately, our expectation is that this work will serve as the foundation for an explosion of new research into the usability of password managers.

James Simmons
The University of Tennessee

Oumar Diallo
The University of Tennessee

Sean Oesch
The University of Tennessee

Scott Ruoti
The University of Tennessee
