Unintuitive and Insecure: Fixing the Failures of the Authentication User Experience

When: 
Thursday, January 19, 2017 - 7:00pm
Room: 
E51-345
Lecturer(s): 
Jared M. Spool, co-CEO of Center Centre and founder of UIE
Lecturer Photo

IEEE Computer and Communications Societies and GBC/ACM

7:00 PM, Thursday, January 19, 2017

MIT Room E51-345

This talk is a repeat of the presentation held at Vistaprint in Waltham on Tuesday January 17. Its being given at MIT to interest students and other members of the MIT community to address authentication and security issues without destroying application usability.

Unintuitive and Insecure: Fixing the Failures of the Authentication User Experience

Jared M. Spool, co-CEO of Center Centre and founder of UIE

"Which username did I use?"
"Do they want my email address or my nickname?"
"Which password did I use?"
"What was my favorite vegetable when I created this account?"
Nothing wrecks a great user experience like a login form. Our password rules make it hard to remember what we've used, and stupid security questions lock us out of our accounts. And none of these security gymnastics actually prevent our personal information from leaking into the world. (In fact, we often inadvertently make it easier.)

If it's not usable, it's not secure. Unusable authentication systems are a bellwether of poor end-to-end experience. Once you've frustrated a user with their account creation or session authentication, it's extremely hard to win them back.

Security isn't sexy, but when we get it right, we reduce risk and increase user satisfaction. In this entertaining presentation, Jared will explain how to make authentication design a top priority in your experience architecture. He'll show you where the real risks are and why you shouldn't trust others to handle your design's security elegantly.

Jared will walk you through:

How to best protect your users without making them frustrated.
How Amazon reduces fraud and makes money with a multi-state security model.
How to keep the Paranoids at bay without degrading the user experience.

Jared M. Spool is a co-founder of Ce