Authentication of Choice on Mobile Devices: A Preliminary Investigation

Authentication is a security measure designed to allow authorized users to use the system securely with minimum interference on the usability of the system. Although numerous user studies had examined various authentication methods such as traditional alphanumeric password, graphical password, and biometrics, very limited research investigated users’ performance and preference when they were allowed to choose the authentication method(s) of their choice for a specific application. This study was conducted as an initial attempt to fill in that gap. We developed a mobile application called the ‘Event manager’ that offers calendar and file management functions. Regarding the authentication, the ‘Event manager’ app provides users the freedom to choose their preferred authentication method(s) among five commonly adopted authentication mechanisms. We conducted an empirical user study with a ‘within-group’ design to investigate users’ initial interaction with three different types of authentication processes: alphanumeric passwords, one-factor authentication of choice, and two-factor authentication of choice. 75 participants completed the study. The result of the study will help understand users’ general perception regarding the ‘authentication of choice’ approach as well as their preferred authentication method or combination of methods in the context of mobile devices.