Abstract by Garrett Smith
Measuring the Usability of YubiKey
Account loss due to hijacking is an increasingly significant problem. Two-factor authentication has been shown to dramatically improve the security of online accounts by requiring a second method of verification. This authentication method typically requires users to provide something they know (password) and something they have (device). Universal 2nd Factor security keys, such as the YubiKey, can be used in conjunction with a user's password to authenticate. Although these devices improve security, research shows that poor usability inhibits their adoption. Services such as Facebook, Google, and Windows have updated the setup process for these devices based on prior user studies. We measure the usability of the YubiKey system as a whole, and the usability of the specific setup system for Facebook, Google, and Windows. We compare these results to previous studies and measure improvements that have been made.