What makes users refuse web single sign-on? An empirical investigation of OpenID S.-T. Sun, E. Pospisil, I. Muslukhov, N. Dindar, K. Hawkey, and K. Beznosov.

Similar presentations

Presentation on theme: "What makes users refuse web single sign-on? An empirical investigation of OpenID S.-T. Sun, E. Pospisil, I. Muslukhov, N. Dindar, K. Hawkey, and K. Beznosov."— Presentation transcript:

1 What makes users refuse web single sign-on? An empirical investigation of OpenID S.-T. Sun, E. Pospisil, I. Muslukhov, N. Dindar, K. Hawkey, and K. Beznosov SOUPS '11. ACM, 2011, PP. 4:1 - 4:20 Eru Penkman epen234

2 What Is OpenID?  Sign in with trusted identity provider (Google, Facebook, etc.)  Identity provider confirms your identity to a third party  Only the identity provider knows your password

3 Users Don’t Trust OpenID Most users believe that their password is being shared with every website where they use OpenID, this paper presents improvements that can increase user understanding and adoption of OpenID.

4 This study is practical They provide recommendations for websites and software developers to improve the usability of single sign on; their recommendations, can result in greatly increase usage of single sign on.

5 Possible to Misinterpret The study outlines several symptoms but does not sufficiently explain the causes of each symptom.

6 Two Core issues  Users have an incorrect mental model of OpenID  They believe that their password is being shared with every website that they login to.  OpenID presents a single point of failure  Vulnerable to phishing

7 Multiple symptoms  Single point of failure (26%)  Believe their passwords are being shared(71%)  Cannot spot phishing forms (50%)  Hesitant to release profile information(40%)  Concern about untrustworthy websites(36%)

8 Improvements? 70% of users believed that their passwords were shared with every site where they used OpenID. How can the login interface be improved so that users understand that their passwords are not being shared?

9 Questions?

Download ppt "What makes users refuse web single sign-on? An empirical investigation of OpenID S.-T. Sun, E. Pospisil, I. Muslukhov, N. Dindar, K. Hawkey, and K. Beznosov."

Similar presentations

Ads by Google