Cognitive function vs. accessible authentication: insights from dyslexia research

Jacques Ophoff; Graham Johnson; Karen Renaud

doi:10.1145/3430263.3452427

Cognitive function vs. accessible authentication: insights from dyslexia research

Jacques Ophoff, Graham Johnson, Karen Renaud

SDI - Cyber Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

20 Downloads (Pure)

Abstract

The most common authentication mechanism, the password, requires a user to recall a secret. Users take this memorisation, or cognitive function, test on a daily basis in order to gain access to systems and devices. This mechanism's design has received much scrutiny and there is a common realization that security and usability are key considerations. In this paper, we consider a third, emergent aspect: that of accessibility. Using a qualitative approach, we explore the challenges current password-based approaches pose to people with dyslexia, a relatively common cognitive disability, highlighting several issues. Following draft web accessibility guidelines, we also evaluate alternative authentication mechanisms. We observe a lack of consideration for accessibility in the area of authentication and offer suggestions for future research.

Original language	English
Title of host publication	W4A '21
Subtitle of host publication	proceedings of the 18th International Web for All conference
Place of Publication	New York
Publisher	Association for Computing Machinery (ACM)
Number of pages	5
ISBN (Electronic)	9781450382120
DOIs	https://doi.org/10.1145/3430263.3452427
Publication status	Published - 19 Apr 2021
Event	18th International Web for All Conference: Accessibility and Crisis - virtual, Ljubljana, Slovenia Duration: 19 Apr 2021 → 20 Apr 2021 http://www.w4a.info/2021/

Conference

Conference	18th International Web for All Conference
Abbreviated title	W4A’2021
Country	Slovenia
City	Ljubljana
Period	19/04/21 → 20/04/21
Internet address	http://www.w4a.info/2021/

Access to Document

10.1145/3430263.3452427

Ophoff_CognitiveFunctionVs.AccessibleAuthentication_Accepted_2021Accepted author manuscript, 0.99 MB

Cite this

@inproceedings{a0bff8c90fdb45609177113775f77180,

title = "Cognitive function vs. accessible authentication: insights from dyslexia research",

abstract = "The most common authentication mechanism, the password, requires a user to recall a secret. Users take this memorisation, or cognitive function, test on a daily basis in order to gain access to systems and devices. This mechanism's design has received much scrutiny and there is a common realization that security and usability are key considerations. In this paper, we consider a third, emergent aspect: that of accessibility. Using a qualitative approach, we explore the challenges current password-based approaches pose to people with dyslexia, a relatively common cognitive disability, highlighting several issues. Following draft web accessibility guidelines, we also evaluate alternative authentication mechanisms. We observe a lack of consideration for accessibility in the area of authentication and offer suggestions for future research.",

author = "Jacques Ophoff and Graham Johnson and Karen Renaud",

note = "Publisher Copyright: {\textcopyright} 2021 ACM.; 18th International Web for All Conference : Accessibility and Crisis, W4A{\textquoteright}2021 ; Conference date: 19-04-2021 Through 20-04-2021",

year = "2021",

month = apr,

day = "19",

doi = "10.1145/3430263.3452427",

language = "English",

booktitle = "W4A '21",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

url = "http://www.w4a.info/2021/",

}

TY - GEN

T1 - Cognitive function vs. accessible authentication

T2 - 18th International Web for All Conference

AU - Ophoff, Jacques

AU - Johnson, Graham

AU - Renaud, Karen

PY - 2021/4/19

Y1 - 2021/4/19

N2 - The most common authentication mechanism, the password, requires a user to recall a secret. Users take this memorisation, or cognitive function, test on a daily basis in order to gain access to systems and devices. This mechanism's design has received much scrutiny and there is a common realization that security and usability are key considerations. In this paper, we consider a third, emergent aspect: that of accessibility. Using a qualitative approach, we explore the challenges current password-based approaches pose to people with dyslexia, a relatively common cognitive disability, highlighting several issues. Following draft web accessibility guidelines, we also evaluate alternative authentication mechanisms. We observe a lack of consideration for accessibility in the area of authentication and offer suggestions for future research.

AB - The most common authentication mechanism, the password, requires a user to recall a secret. Users take this memorisation, or cognitive function, test on a daily basis in order to gain access to systems and devices. This mechanism's design has received much scrutiny and there is a common realization that security and usability are key considerations. In this paper, we consider a third, emergent aspect: that of accessibility. Using a qualitative approach, we explore the challenges current password-based approaches pose to people with dyslexia, a relatively common cognitive disability, highlighting several issues. Following draft web accessibility guidelines, we also evaluate alternative authentication mechanisms. We observe a lack of consideration for accessibility in the area of authentication and offer suggestions for future research.

U2 - 10.1145/3430263.3452427

DO - 10.1145/3430263.3452427

M3 - Conference contribution

BT - W4A '21

PB - Association for Computing Machinery (ACM)

CY - New York

Y2 - 19 April 2021 through 20 April 2021

ER -