Privacy Enhancing Keyboard: Design, Implementation, and Usability Testing
To protect users from numerous password inference attacks, we invent a novel context aware privacy enhancing keyboard (PEK) for Android touch-based devices. Usually PEK would show a QWERTY keyboard when users input text like an email or a message. Nevertheless, whenever users enter a password in the...
| Main Authors: | , , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-Wiley
2017-01-01
|
| Series: | Wireless Communications and Mobile Computing |
| Online Access: | http://dx.doi.org/10.1155/2017/3928261 |
| Summary: | To protect users from numerous password inference attacks, we invent a novel context aware privacy enhancing keyboard (PEK) for Android touch-based devices. Usually PEK would show a QWERTY keyboard when users input text like an email or a message. Nevertheless, whenever users enter a password in the input box on his or her touch-enabled device, a keyboard will be shown to them with the positions of the characters shuffled at random. PEK has been released on the Google Play since 2014. However, the number of installations has not lived up to our expectation. For the purpose of usable security and privacy, we designed a two-stage usability test and performed two rounds of iterative usability testing in 2016 and 2017 summer with continuous improvements of PEK. The observations from the usability testing are educational: (1) convenience plays a critical role when users select an input method; (2) people think those attacks that PEK prevents are remote from them. |
|---|---|
| ISSN: | 1530-8669 1530-8677 |