Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Home
  • Attend
    • Registration Information
    • Registration Discounts
    • Venue, Hotel, and Travel
    • Students and Grants
  • Program
    • At a Glance
    • Symposium Program
    • 2nd Workshop on Security Information Workers
    • Who Are You?! Adventures in Authentication
    • Workshop on Privacy Indicators
    • Workshop on Security Fatigue
    • Workshop on the Future of Privacy Notices and Indicators: Will Drones Deliver My Privacy Policy?
  • Activities
    • Poster Session
    • Birds-of-a-Feather Sessions
  • Sponsorship
  • Participate
    • Instructions for Authors and Speakers
    • Call for Nominations
    • Call for Papers
    • Call for Posters and Proposals
      • Call for Papers: 2nd Workshop on Security Information Workers
      • Call for Papers: Who are you?! Adventures in Authentication
      • Call for Papers: Workshop on Privacy Indicators
      • Call for Papers: Workshop on Security Fatigue
      • Workshop: Will Drones Deliver My Privacy Policy?
  • About
    • Organizers
    • Past Symposia

sponsors

Gold Sponsor
Silver Sponsor
Silver Sponsor
Bronze Sponsor
Media Sponsor
Media Sponsor
Industry Partner
  • Home
  • Attend
  • Program
  • Activities
  • Sponsorship
  • Participate
  • About

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป Ask Me Again But Don't Annoy Me: Evaluating Re-authentication Strategies for Smartphones
Tweet

connect with us

Ask Me Again But Don't Annoy Me: Evaluating Re-authentication Strategies for Smartphones

Authors: 

Lalit Agarwal, Hassan Khan, and Urs Hengartner, University of Waterloo

Abstract: 

Re-authenticating users may be necessary for smartphone authentication schemes that leverage user behaviour, device context, or task sensitivity. However, due to the unpredictable nature of re-authentication, users may get annoyed when they have to use the default, non-transparent authentication prompt for re-authentication. We address this concern by proposing several re-authentication configurations with varying levels of screen transparency and an optional time delay before displaying the authentication prompt. We conduct user studies with 30 participants to evaluate the usability and security perceptions of these configurations. We find that participants respond positively to our proposed changes and utilize the time delay while they are anticipating to get an authentication prompt to complete their current task. Though our findings indicate no differences in terms of task performance against these configurations, we find that the participants' preferences for the configurations are context-based. They generally prefer the re-authentication configuration with a non-transparent background for sensitive applications, such as banking and photo apps, while their preferences are inclined towards convenient, usable configurations for medium and low sensitive apps or while they are using their devices at home. We conclude with suggestions to improve the design of our proposed configurations as well as a discussion of guidelines for future implementations of re-authentication schemes.

Lalit Agarwal, University of Waterloo

Hassan Khan, University of Waterloo

Urs Hengartner, University of Waterloo

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

Agarwal PDF
View the slides

Presentation Audio

MP3 Download

Download Audio

  • Log in or    Register to post comments

Gold Sponsors

Silver Sponsors

Bronze Sponsors

Media Sponsors & Industry Partners

© USENIX

  • Privacy Policy
  • Contact Us