Authentication events are so woven into our lives that we often take them for granted. They’re the times we open a house or a car with a key, when we use a pin number to access a phone or an ATM, when we log in online.
Some of these events – especially those involving computers – have been fairly well scrutinized over the last decade, says HP Immersive Experiences Labresearcher Mary Baker.
“We have a lot of work now about passwords and codes, especially about how to make them stronger,” Baker notes. “But what about the overall burden that authentication places on our lives? Is that something that bothers people? And if it is, what can we do about it?”
Baker and fellow researchers presented some answers to these questions at the USENIX Symposium on Usable Privacy and Security in Denver, Colorado this summer, showing that authentication is indeed a burden on people. It also remains a surprisingly physical experience and one that fails far more often than we might expect.
These findings suggest a need to work on physical and digital authentication in tandem, argues Baker, and point to the potential value of developing a “universal authenticator” that provides access to the many physical and virtual locations that we want to keep secure.
The research, published in the symposium’s proceedings, also reveals that people’s feelings about authentication vary greatly, pointing to challenges for anyone looking to design authenticators that have widespread appeal.
What is technology making harder?
The HP Labs team’s interest in authentication originated with a broader, slightly contrarian question: if technology is making many aspects of our lives easier, what is actually getting harder to do?