TY - GEN

T1 - Exploring User Authentication with Windows Hello in a Small Business Environment

AU - Farke, Florian M.

AU - Lassak, Leona

AU - Pinter, Jannis

AU - Dürmuth, Markus

N1 - Funding Information: This research was partially funded by the MKW-NRW research training group SecHuman and the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) under Germany's Excellence Strategy - EXC 2092 CASA - 390781972.

PY - 2022

Y1 - 2022

N2 - Windows Hello for Business is Microsoft's latest attempt to replace passwords in Windows enterprise environments introduced with Windows 10. It addresses some of the common password problems like password leaks or phishing attacks, comes with built-in support for biometric authentication methods like fingerprint or facial recognition, and a new user interface. We conducted a qualitative study with 13 employees accompanying the introduction of Windows Hello in a small business studying its usability and deployability. Over five weeks, we measured authentication times, let participants rate their user experience, and conducted interviews at the end. In general, participants liked Windows Hello and found it more usable than the traditionalWindows sign-in scheme. Windows Hello was faster and perceived as more responsive than the traditional Windows login. However, participants tended to use PINs as a replacement for their (longer) passwords instead of using biometrics. Lack of hardware support (no biometric hardware available), the form factor of device or setup of their workplace (e.g., biometric hardware on the other side of the table) were some reasons to not use biometrics but stick with a well-known authentication method like a PIN.

AB - Windows Hello for Business is Microsoft's latest attempt to replace passwords in Windows enterprise environments introduced with Windows 10. It addresses some of the common password problems like password leaks or phishing attacks, comes with built-in support for biometric authentication methods like fingerprint or facial recognition, and a new user interface. We conducted a qualitative study with 13 employees accompanying the introduction of Windows Hello in a small business studying its usability and deployability. Over five weeks, we measured authentication times, let participants rate their user experience, and conducted interviews at the end. In general, participants liked Windows Hello and found it more usable than the traditionalWindows sign-in scheme. Windows Hello was faster and perceived as more responsive than the traditional Windows login. However, participants tended to use PINs as a replacement for their (longer) passwords instead of using biometrics. Lack of hardware support (no biometric hardware available), the form factor of device or setup of their workplace (e.g., biometric hardware on the other side of the table) were some reasons to not use biometrics but stick with a well-known authentication method like a PIN.

UR - http://www.scopus.com/inward/record.url?scp=85140910538&partnerID=8YFLogxK

UR - https://edocs.tib.eu/files/e01mr22/1816468819.pdf

M3 - Conference contribution

AN - SCOPUS:85140910538

SP - 523

EP - 540

BT - Proceedings of the Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022) : August 7-9, 2022, Boston, MA, USA

CY - [Berkeley, CA]

T2 - 18th Symposium on Usable Privacy and Security, SOUPS 2022

Y2 - 7 August 2022 through 9 August 2022

ER -