Characterizing and Countering User Security Fatigue in Password Enhancement through Deep Learning
Dr. Gerry Matthews
KEY INTERESTS
Human factors and applied cognition; Human-machine teaming; Assessment of task stress, workload, and fatigue; Cognition and emotion; Driver behavior; Individual differences in human performance
AFFILIATIONS/APPOINTMENTS
Professor, Department of Psychology, George Mason University
Affiliate Faculty, University of Central Florida
ACADEMIC DEGREES
PhD, Experimental Psychology, University of Cambridge
CHARACTERIZING AND COUNTERING USER SECURITY FATIGUE IN PASSWORD ENHANCEMENT THROUGH DEEP LEARNING
Password protection of user accounts is a fundamental element of cybersecurity to which AI may contribute. Selecting a strong password is difficult and tedious for most users. It is usually accomplished by asking users to follow specific password policies that list a series of requirements. This approach has been shown to be limited and even harmful. An alternative is to rely on Passwords Strength Meters (PSMs) that provide a feedback mechanism to the user. For example, the green color indicates a strong password, while the red means that the password should be changed. Unfortunately, most PSMs are either heuristic or do not provide any valuable feedback: Users ignore what is wrong with their password selection or how to improve it. The end result is often frustration and failure to comply with password policies. This project will conduct a study with human participants to test the impact of security fatigue on users’ decision to use DeepPasswd (the first interpretable probabilistic password strength meter) or not, using a simulated work task. This research will then be used to design recommendations and guidelines for apps such as DeepPasswd that utilize AI to support the user, and suggestions for future research