Users are a key part of the security landscape and a central part of the motivation for computer security. Rather than dismissing them as the weakest link in the system, we can better understand their motivations and coping strategies to design for their cognitive strengths and contextual needs. In this talk I will discuss the role of the end user in authentication and how we can apply methodology and results from psychology to better understand and design for them. I will present results from a qualitative study of how users cope with password demands, and discuss what these results can suggest about the design of authentication systems.About the Experts
Elizabeth Stobert is a post-doc in the System Security group at ETH Zürich in Switzerland. Her research interests are in usable security and authentication, investigating how passwords and other authentication mechanisms can be made simultaneously easy-to-use and secure. She completed her PhD at Carleton University in Ottawa, Canada in 2015. Her thesis examined practical approaches to addressing the password problem for end users, and included research on graphical passwords and password managers. She also has a masters degree in psychology.