Key-bored to Tears: The Usability Cost of Character Authentication on Mobile Devices


Ann-Marie Horcher, Nova Southeastern University


Walking into traffic, off the beaten path, or colliding with people – distracted walking is on the rise as people struggle with touchscreen interactions designed for workstation instead of mobile devices. The keyboard is a well-known mental model for soliciting input for authentication. Mental models familiar to the user reduce the cognitive effort required to understand the desired interaction with the security interface. Though the cognitive effort to understand the interface may be conserved, there is also cognitive effort expended to use the keyboard-style interface. The reality of the actual cognitive effort required is documented by the rise in pedestrian accidents involving smartphone usage. Measures of the effort required for smartphone authentication using human performance modelling show how security design choices can significantly impact usability on the mobile platform, and calls into question current common practices. Strong passwords on a mobile device demand more cognitive effort than is safe at any speed.

@inproceedings {205702,
title = {Key-bored to Tears: The Usability Cost of Character Authentication on Mobile Devices},
booktitle = {Thirteenth Symposium on Usable Privacy and Security ({SOUPS} 2017)},
year = {2017},
address = {Santa Clara, CA},
url = {},
publisher = {{USENIX} Association},