Usability, security and trust in password managers: A quest for user-centric properties and features
Tutkimustuotos › › vertaisarvioitu
|Julkaisu||Computer Science Review|
|DOI - pysyväislinkit|
|Tila||Julkaistu - 2019|
A password manager stores and handles users' passwords from different services. This relieves the users from constantly remembering and recalling many different login credentials. However, because of the poor usability and limited user experience of password managers, users find it difficult to perform basic actions, such as a safe login. Unavoidably, the password manager holds the login credentials of many online services; as a result, it becomes a desired target for online attacks. This results in compromised security, which users often consider as an inevitable condition that must be accepted. Many studies analysed the usability and security of various password managers. Their research findings, though important, are rather incomprehensible to designers of password managers, because they are limited to particular properties or specific applications and they, often, are contradictory. Hence, we focus on investigating properties and features that can elevate the usability, security, and trustworthiness of password managers, aiming at providing practical, simple, and useful guidelines for building a useable password manager. We performed a systematic literature review, in which we selected thirty-two articles with coherent outcomes associated with usability and security. From these outcomes, we deduced and present meaningful suggestions for realising a useable, secure and trustworthy password manager.