{"title":"The usability of truecrypt, or how i learned to stop whining and fix an interface","authors":"Sumeet Gujrati, Eugene Y. Vasserman","doi":"10.1145/2435349.2435360","DOIUrl":null,"url":null,"abstract":"Non-use or incorrect use of security software is one major reason for privacy breaches of all scales. The problem is compounded by software, security policies, and user interfaces that are difficult to use and understand. Using widely accepted user interface analysis methods, we examine a popular free and open source disk encryption software package, and find that it is far from accessible to ordinary users. Using rigorous interface design principles, we derive several concrete changes that would make the software easier to use, and construct a new interface to test our theories. We evaluate the two interfaces through a randomized user study in a controlled laboratory setting, and determine that the new interface is significantly easier to understand and faster to use, especially for novice computer users. We observe not only measurable speed-ups of common tasks, but also improved user-reported ease of use ratings. Several of our design choices turn out to have been misguided, making some tasks more difficult in our modified interface, but fortunately our alterations are mutually independent, i.e. reverting some components to their original design does not nullify the benefit of other modifications. Our experience shows that even simple, intuitive, and logically consistent modifications to complex interfaces have dramatic positive usability effects, and can be easily applied to different pieces of security software in order to reduce the impediment to uptake by novice users.","PeriodicalId":118139,"journal":{"name":"Proceedings of the third ACM conference on Data and application security and privacy","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2013-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the third ACM conference on Data and application security and privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2435349.2435360","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Non-use or incorrect use of security software is one major reason for privacy breaches of all scales. The problem is compounded by software, security policies, and user interfaces that are difficult to use and understand. Using widely accepted user interface analysis methods, we examine a popular free and open source disk encryption software package, and find that it is far from accessible to ordinary users. Using rigorous interface design principles, we derive several concrete changes that would make the software easier to use, and construct a new interface to test our theories. We evaluate the two interfaces through a randomized user study in a controlled laboratory setting, and determine that the new interface is significantly easier to understand and faster to use, especially for novice computer users. We observe not only measurable speed-ups of common tasks, but also improved user-reported ease of use ratings. Several of our design choices turn out to have been misguided, making some tasks more difficult in our modified interface, but fortunately our alterations are mutually independent, i.e. reverting some components to their original design does not nullify the benefit of other modifications. Our experience shows that even simple, intuitive, and logically consistent modifications to complex interfaces have dramatic positive usability effects, and can be easily applied to different pieces of security software in order to reduce the impediment to uptake by novice users.