Towards Improving the Usability of Password Managers

Abstract

Security experts strongly recommend the use of Password Managers (PMs). However, PMs are not widely used, and studies indicate usability problems and distrust from users as the reasons for their low adoption. In this paper, we review usability challenges of PMs and we propose the use of known usability best practices and techniques to extend and improve Bitwarden, a widely popular open-source PM. Since this work is done in the context of the PassCert project, which aims to build a formally verified PM, we also investigate ways to effectively convey to users the formally verified properties. We report on preliminary results and we propose a methodology to evaluate our extension of Bitwarden and to determine the impact of formal verification on the adoption of PMs.

Publication
Communication accepted at INForum 2021 (INForum — Simpósio de Informática)
Alexandra Mendes
Assistant Professor

My research focuses on encouraging a wider adoption of software verification by creating tools and methods that hide the complexities of verifying software. Recently, I started work on usable security, in particular on the impact of formal verification on the use and adoption of formally verified security software products. Much of my most recent work overlaps with the area of software engineering. For more details, see selected publications and some of my projects. Follow me on Twitter or add me on LinkedIn.