eru penkman n.
Skip this Video
Loading SlideShow in 5 Seconds..
Eru Penkman PowerPoint Presentation
Download Presentation
Eru Penkman

Loading in 2 Seconds...

play fullscreen
1 / 9

Eru Penkman - PowerPoint PPT Presentation

  • Uploaded on

What makes users refuse web single sign-on? An empirical investigation of OpenID S.-T. Sun, E. Pospisil , I. Muslukhov , N. Dindar , K. Hawkey , and K. Beznosov SOUPS '11. ACM, 2011, pp. 4:1 - 4:20. Eru Penkman. epen234 . What Is OpenID ?.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

Eru Penkman

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
eru penkman

What makes users refuse web single sign-on? An empirical investigation of OpenIDS.-T. Sun, E. Pospisil, I. Muslukhov, N. Dindar, K. Hawkey,and K. BeznosovSOUPS '11. ACM, 2011, pp. 4:1 - 4:20



what is openid
What Is OpenID?
  • Sign in with trusted identity provider (Google, Facebook, etc.)
  • Identity provider confirms your identity to a third party
  • Only the identity provider knows your password
users don t trust openid
Users Don’t Trust OpenID

Most users believe that their password is being shared with every website where they use OpenID, this paper presents improvements that can increase user understanding and adoption of OpenID.

this study is practical
This study is practical

They provide recommendations for websites and software developers to improve the usability of single sign on; their recommendations, can result in greatly increase usage of single sign on.

possible to misinterpret
Possible to Misinterpret

The study outlines several symptoms but does not sufficiently explain the causes of each symptom.

two core issues
Two Core issues
  • Users have an incorrect mental model of OpenID
    • They believe that their password is being shared with every website that they login to.
  • OpenID presents a single point of failure
    • Vulnerable to phishing
multiple symptoms
Multiple symptoms
  • Single point of failure (26%)
  • Believe their passwords are being shared(71%)
  • Cannot spot phishing forms (50%)
  • Hesitant to release profile information(40%)
  • Concern about untrustworthy websites(36%)

70% of users believed that their passwords were shared with every site where they used OpenID. How can the login interface be improved so that users understand that their passwords are not being shared?