-
Notifications
You must be signed in to change notification settings - Fork 0
/
method.html
108 lines (95 loc) · 6.37 KB
/
method.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<!DOCTYPE HTML>
<!--
Hyperspace by HTML5 UP
html5up.net | @ajlkn
Free for personal and commercial use under the CCA 3.0 license (html5up.net/license)
-->
<html>
<head>
<title>Method</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
<link rel="stylesheet" href="assets/css/main.css" />
<noscript><link rel="stylesheet" href="assets/css/noscript.css" /></noscript>
</head>
<body class="is-preload">
<!-- Header -->
<header id="header">
<a href="index.html" class="title">PassBeat</a>
<nav>
<ul>
<li><a href="index.html">Home</a></li>
<li><a href="literature.html" title="literature">previous</a></li>
<li><a href="results.html" title="results">next</a></li>
</ul>
</nav>
</header>
<!-- Wrapper -->
<div id="wrapper">
<!-- Main -->
<section id="main" class="wrapper">
<div class="inner">
<h1 class="major">Method</h1>
<p>The following describes how we would conduct a more detailed study, if we had the time and resources.</p>
<h3>Implementation of the Study</h3>
<p>
We propose a field study to answer our research question, as a study conducted in the natural environment preserves context. Context is an important factor when gaining insights on password memory, as people have other things on their minds than their passwords in daily life but still need to be able to remember the passwords when they need them.<br>
We will divide the participants into two groups: One group will be using rhythm-based passwords, while the control group will be using conventional text-bases passwords. In each password-group, we will assign the passwords a security-category based on number of attempts necessary to crack password in brute force attack. There are three such categories: easy, medium and hard to crack passwords.
</p>
<h3>Selection of Participants</h3>
<p>
As our study is quantitative research, a larger number of participants is necessary to obtain meaningful results. For the study, the participants are divided into two groups. Therefore, we strive to recruit a minimum of 30 per group, to ensure they are large enough for statistical significance. There is no upper limit on participants, as more participants lead to a result with a smaller confidence interval i.e. a result more robust to outliers, and due to the research tool do not increase the workload of the study.<br>
To ensure the results are representative, the participants should be representative of the population i.e. include participants from all ages and ensure gender balance.<br>
Furthermore, participants at the “extreme ends” of the demographic should be included, i.e.:
<ul>
<li>elderly people and children</li>
<li>participants with visual- and hearing-impairements</li>
<li>digital natives and participants new to mobile phones</li>
<li>participants who play music instruments as well as participants describing themselves as unmusical</li>
</ul>
The participants will be randomly sorted into rhythm- and text-password groups, and sort themselves into password-strength categories by setting their password.
</p>
<h3>Evaluation of Results</h3>
<p>To determine whether rhythm-based passwords are easier to remember than text-based passwords, we will compare the login success-ratio of both password-type groups. We assume that the group with the higher login succeeds-ratio was able to remember their passwords better.<br>
Furthermore, we will compare the success-ratio within every password security category.</p>
<h3>Limitations</h3>
<ul>
<li><b>Different repetition intervals could bias the results.</b> <br>
If participants repeat their passwords more frequently, they are more likely to remember their password regardless of the password-type. Thus, participant might be better at remembering rhythm-based passwords since they practice entering the rhythm more to get used to the new input method.</li>
<li><b>Accidental mistakes during password input cannot be distinguished from misremembered password.</b> <br>
As all erroneous inputs are counted as misremembered passwords, the login success-ratio of the rhythm-based password might be lower than the actual memory success-ratio since participants might make more accidental mistakes using a new input method.</li>
<li><b>There is a trade-off between statistical significance and meaningfulness of the results.</b> <br>
On the one hand, passwords of different security level are hard to compare leading to less meaningful results. On the other hand, however, splitting participants into too many groups makes results sensitive to outliers and reducing the statistical significance.</li>
</ul>
<h3>Handling of Data and Privacy</h3>
<p>Our PassBeat tool will store the password locally on the participants device. Only the success or failure and time of a login attempt will be transmitted. The study will be anonymous, no personal information about participants will be collected.</p>
</div>
</section>
</div>
<!-- Footer -->
<footer id="footer" class="wrapper alt">
<div id="footer-nav">
<nav>
<ul>
<li><a href="index.html">Home</a></li>
<li><a href="literature.html" title="literature">previous</a></li>
<li><a href="results.html" title="results">next</a></li>
</ul>
</nav>
</div>
<div class="inner">
<ul class="menu">
<li>© PassBeat. All rights reserved.</li><li>Design: <a href="http://html5up.net">HTML5 UP</a></li>
</ul>
</div>
</footer>
<!-- Scripts -->
<script src="assets/js/jquery.min.js"></script>
<script src="assets/js/jquery.scrollex.min.js"></script>
<script src="assets/js/jquery.scrolly.min.js"></script>
<script src="assets/js/browser.min.js"></script>
<script src="assets/js/breakpoints.min.js"></script>
<script src="assets/js/util.js"></script>
<script src="assets/js/main.js"></script>
</body>
</html>