Authentication Schemes\u27 Impact on Working Memory

Authentication is the process by which a computing system validates a user’s identity. Although this process is necessary for system security, users view authentication as a frequent disruption to their primary tasks. During this disruption, primary task information must be actively maintained in working memory. As a result, primary task information stored in working memory is at risk of being lost or corrupted while users authenticate. For over two decades, researchers have focused on developing more memorable passwords by replacing alphanumeric text with visual graphics (Biddle et al., 2012). However, very little attention has been given to the impact authentication has on working memory. A recent exploratory study suggests that working memory can be disrupted during graphical authentication (Still & Cain, 2019). In this study, we take the next step by controlling for task difficulty and contrasting performance with conventional password-based authentication. Baddeley’s model was employed to examine the impact of authentication on verbal, visuospatial, and central executive working memory (Baddeley & Hitch, 1974). Our findings may help designers select authentication systems that minimize adverse effects on users’ critical primary task performance. For instance, we revealed that conventional passwords do not have a greater negative impact on verbal primary task information compared to graphical passcodes. We also replicated findings reported by Still and Cain (2019), where visuospatial was least impaired by authentication. These findings are not intuitive, highlighting the need for further investigation of how authentication impacts primary task information in working memory