The Great Authentication Fatigue - End of an Era? Event
- Time:
- 15:30
- Date:
- 5 March 2014
- Venue:
- Building 53, Room 4025 Highfield Campus
For more information regarding this event, please email Vladimiro Sassone at vsassone@soton.ac.uk .
Event details
Speaker: Professor. M. Angela Sasse from UCL
Booking details:
https://twitter.com/CybSecSoton/status/438362993370599424
http://www.eventbrite.co.uk/e/cyber-security-seminar-angela-sasse-tickets-10737924421
Abstract
In this talk, I summarise evidence of the burden that authentication creates in many organizations. Based on interviews, diary studies, and examination of log files, we can provide details of how authentication disrupts individual tasks. The burden of authentication results not only from the mental and physical work associated with authentication, but the re‐start cost associated with the disruption of the primary task. There is an urgent need to develop solutions that are less burdensome for users and less discruptive for their tasks. A recent industry initiative, the FIDO alliance, provides a framework for authentication without passwords. In organisational contexts, we could replace most explicit authentication events with implicit mechanisms that do not burden and discrupt users, and reserve explicit action for events where active consent or agreement is required. In conclusion, I will argue that the end of the great authentication fatigue is in sight, but that we can learn important lessons for security in general from this case.
Bio:
M. Angela Sasse is the Professor of Human-Centred Technology and Head of Information Security Research in the Department of Computer Science at University College London (UCL), UK, and the Director of the Research Institute in Science of Cyber Security. A list of projects and publications can be found at http://sec.cs.ucl.ac.uk/people/m_angela_sasse/