Number of co-authors:11
Number of publications with 3 favourite co-authors:Judith Ramsay:3Judy van Biljon:3Antonella De Angeli:2
Karen Renaud's 3 most productive colleagues in number of publications:Antonella De Angel..:28Judith Ramsay:8Lynne Coventry:8
go to course
Gestalt Psychology and Web Design: The Ultimate Guide
Starts tomorrow LAST CALL!
go to course
Quality Web Communication: The Beginner's Guide
88% booked. Starts in 7 days
Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess
User Experience and Experience Design !
Our Latest Books
Gamification at Work: Designing Engaging Business Software
by Janaki Mythily Kumar and Mario Herger
The Social Design of Technical Systems: Building technologies for communities
by Brian Whitworth and Adnan Ahmad
The Encyclopedia of Human-Computer Interaction, 2nd Ed.
by Mads Soegaard and Rikke Friis Dam
Publications by Karen Renaud (bibliography)
Maguire, Joseph and Renaud, Karen (2012): You only live twice or "the years we wasted caring about shoulder-surfing. In: Proceedings of the HCI12 Conference on People and Computers XXVI 2012. pp. 404-409.
Passwords are a good idea, in theory. They have the potential to act as a fairly strong gateway. In practice though, passwords are plagued with problems. They are (1) easily shared, (2) trivial to observe and (3) maddeningly elusive when forgotten. While alternatives to passwords have been proposed, none, as yet, have been adopted widely. There seems to be a reluctance to switch from tried and tested passwords to novel alternatives, even if the most glaring flaws of passwords can be mitigated. One argument is that there is not enough investigation into the feasibility of many password alternatives. Graphical authentication mechanisms are a case in point. Therefore, in this paper, we detail the design of two prototype applications that utilise graphical authentication mechanisms. However, when forced to consider the design of such prototypes, we find that pertinent password problems eg. observation of entry, are just that: password problems. We conclude that effective, alternative authentication mechanisms should target authentication scenarios rather than the well-known problems of passwords. This is the only route to wide-spread adoption of alternatives.
© All rights reserved Maguire and Renaud and/or their publisher
Renaud, Karen and Biljon, Judy van (2010): Worth-centred mobile phone design for older users. In Universal Access in the Information Society, 9 (4) pp. 387-403.
The twenty-first century society fights against an inherent tendency to over-classify and label people. In the case of the aged, despite all efforts, the perception of the helpless, feeble older person still prevails. The truth of the matter is that people over sixty often do not fit this profile. The aged are a heterogeneous group with varying different skills and abilities in many different areas. This paper challenges prevalent mobile phone design decisions that appear to have been made based on the erroneous pre-conception of the incapable elder. Designers currently produce "senior" mobile phones that are, at best, inadequate and, at worst, insulting to a sector of society that deserves respect and consideration. Age does indeed influence mobile phone usage, and people over sixty often have specific and special needs, quite apart from age-related limitations, that predict their use of mobile phones. Most mobile phones designed for older users simply reduce the number of features: the so-called simplification approach. Apart from reducing the effectiveness of the phone, this approach often incorporates the fatal design flaw of using numbers or letters, on speed-dial buttons, which requires the user to remember the button-person mappings. In fact, this design rationale reduces the value of the phone to the user. This paper argues that mobile phone design for older users should be worth-centred (Cockton G in Designing worth is worth designing. In: Proceedings of the 4th Nordic conference on human-computer interaction: changing roles. Oslo, Norway, pp 165-174, 2006) rather than simplification-driven. The worth-centred approach maximises worth to the user of the phone. This is achieved by maximising effectiveness while accommodating reduced capabilities. To maximise ease of use, and consequent accessibility, features may have to be reduced in an informed way. To facilitate this, a mapping process is proposed whereby user needs are linked to uses of the phone, and then to the features that facilitate these uses. Needs fall into a number of categories, and each category is characterised by a number of different uses, which form a usage space. Features can be linked to one or more usage spaces, and thus be used to support needs. The first step in the conducted research entailed the identification of the needs of the older mobile phone user. Then, it was determined whether these needs were indeed being met by the uses afforded in existing phones. Having concluded that most users' needs were not being met, the next step was to capture data on the needs, limitations and expectations of people over the age of sixty. This was achieved by conducting a series of one-to-one interviews with a number of older mobile phone users and also supervising a participatory design experiment. Using the findings of the analysis, a usage space model is proposed, which serves to align feature inclusion with user needs. Based on this usage space model (the theoretical contribution), a prototype mobile phone design is presented as the practical contribution of the paper.
© All rights reserved Renaud and Biljon and/or Springer Verlag
Renaud, Karen and Just, Mike (2010): Pictures or questions?: examining user responses to association-based authentication. In: Proceedings of the HCI10 Conference on People and Computers XXIV 2010. pp. 98-107.
Challenge questions are commonly used as a backup should users forget their "main" authentication secret. Such questions are notoriously difficult to design properly, and have sometimes allowed intruders to access the system via a back door simply by engaging in some online research about the victim . Most challenge questions rely on a user's knowledge of their early life, something which tends not to deteriorate over time . Unfortunately, this kind of information can also be discovered by a determined attacker. We developed a challenge protocol in which a set of pictorial cues are used to prompt answers, rather than using the standard mechanism based on textual questions. The prompts solicit associative memories that need not represent factual information (information that aids an attacker in mounting targeted observation attacks) and serve as a stronger cue to aid the recall. Our results reveal that the solution has comparable security with that of traditional challenge questions (when considering external attackers), and suggests additional benefits from posing three or more questions serially. Furthermore, we obtained a 13% increase in the memorability of our (name-based) answers, while our results suggest enhancements could help improve the recall of place-based answers. We conclude by discussing how further modifications could achieve gains on the usability front.
© All rights reserved Renaud and Just and/or BCS
Renaud, Karen and Maguire, Joseph (2009): Armchair authentication. In: Proceedings of the HCI09 Conference on People and Computers XXIII 2009. pp. 388-397.
Alphanumeric authentication, by means of a secret, is not only a powerful mechanism, in theory, but prevails over all its competitors in practice. However, it is clearly inadequate in a world where increasing numbers of systems and services require people to authenticate in a shared space, while being actively observed. This new reality places pressure on a password mechanism never intended for use in such a context. Asterisks may obfuscate alphanumeric characters on entry but popular systems, e.g. Apple iPhone and Nintendo Wii, regularly require users to use an on-screen keyboard for character input. This may not be a real concern within the context of secluded space but inadvertly reveals a secret within shared space. Such a secret has an economic cost in terms of replacement, recall and revenue, all of which affect the financial return of the offending systems and services. In this paper, we present and evaluate a graphical authentication mechanism, Tetrad, which appears to have the potential to address these specific concerns.
© All rights reserved Renaud and Maguire and/or their publisher
Renaud, Karen (2009): On user involvement in production of images used in visual authentication. In J. Vis. Lang. Comput., 20 (1) pp. 1-15.
Biljon, Judy van, Kotze, Paula and Renaud, Karen (2008): Mobile phone usage of young adults: the impact of motivational factors. In: Proceedings of OZCHI08 - the CHISIG Annual Conference on Human-Computer Interaction 2008. pp. 57-64.
To increase marketability in a competitive and technologically evolving market designers are compelled to add new features to mobile phones. This often leads to 'featuritis' with hit-and-miss success rates. Our research goal is to find a more informed point of departure for feature addition activities that will improve design and maximise return on investment. We argue that a human motivational factor focus could provide a solid grounding for judging whether features are likely to be used, or not. In this paper we address the motivational factors that underlie mobile phone use by young adults aged between 18 and 30. We consider models for motivational factors from psychology and consumer science, as well as mobile phone usage space models, including the mobile phone usage space model (MUSM). MUSM proposes linking usage spaces to motivational factors, but does not explicitly investigate the mapping of features to the identified usage spaces. In this paper we investigate the features associated with individual MUSM usage spaces as well as the ranking of the usage spaces for our specific target group.
© All rights reserved Biljon et al. and/or their publisher
Renaud, Karen, Ramsay, Judith and Hair, Mario (2008): Think before you link: controlling ubiquitous availability. In Interactions, 15 (6) pp. 65-68.
Renaud, Karen and Ramsay, Judith (2007): Now what was that password again? A more flexible way of identifying and authenticating our seniors. In Behaviour and Information Technology, 26 (4) pp. 309-322.
The Web offers facilities which can make a huge difference to the lives of users with reduced mobility, something that affects many older users. Users have to be authorized to access restricted websites. This involves a two-step process: identification and authentication. These issues have received scant attention when considering the needs of specific user groups. Web identification and authentication is often treated as a one-size-fits-all problem with ubiquitous use of the password as an authenticator and a variety of different identification mechanisms being used. Neither is tailored to the needs of either the website or the target users. This paper discusses problems related to identification and authentication of older web users, and reports on experiences with field tests of initial solutions.
© All rights reserved Renaud and Ramsay and/or Taylor and Francis
Nosseir, Ann, Connor, Richard and Renaud, Karen (2006): Question-based group authentication. In: Kjeldskov, Jesper and Paay, Jane (eds.) Proceedings of OZCHI06, the CHISIG Annual Conference on Human-Computer Interaction 2006. pp. 277-283.
There are various situations where a distinction needs to be made between group members and outsiders. For example, to protect students in chat groups from unpleasant incidents caused by intruders; or to provide access to common domains such as computer labs. In some of these situations the implications of unauthorized access are negligible. Thus, using an expensive authentication technique, in terms of equipment and maintenance, or requiring significant effort from the user, is wasteful and unjustified. Passwords are the cheapest access control mechanism but have memorability issues. As a result, various alternatives have been proposed. These solutions are often either insecure or expensive in terms of data collection and maintenance. In this paper we present a solution that is less costly since it is built on the data produced by user-system interactions. The mechanism relies on a dynamic (and unpredictable) shared secret. We report on our investigation into differentiating between group members and outsiders by means of their group characteristics. We also present an original analytical framework to facilitate the automatic generation of questions from group characteristics. Finally, we introduce a prototype of the mechanism.
© All rights reserved Nosseir et al. and/or their publisher
Renaud, Karen, Ramsay, Judith and Hair, Mario (2006): . In International Journal of Human-Computer Interaction, 21 (3) pp. 313-332.
This article considers the nature of e-mail from the recipient's perspective-what the seemingly free and easy communication really costs the recipient. Information gathered by electronic monitoring software is shown to be at odds with the results of an online survey of e-mail users' perceptions of their e-mail experience-users drastically underestimate the disruptive effects of e-mail. The conclusion is that the constant monitoring of e-mail actually reduces productivity and that there is a need for increased power, control, and awareness on the part of the e-mail recipient to ensure that e-mail remains a tool rather than a tyrant. It is necessary to alert the user of the true cost of e-mail alerts.
© All rights reserved Renaud et al. and/or Lawrence Erlbaum Associates
Angeli, Antonella De, Coventry, Lynne, Johnson, Graham and Renaud, Karen (2005): Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems. In International Journal of Human-Computer Studies, 63 (1) pp. 128-152.
The weakness of knowledge-based authentication systems, such as passwords and Personal Identification Numbers (PINs), is well known, and reflects an uneasy compromise between security and human memory constraints. Research has been undertaken for some years now into the feasibility of graphical authentication mechanisms in the hope that these will provide a more secure and memorable alternative. The graphical approach substitutes the exact recall of alphanumeric codes with the recognition of previously learnt pictures, a skill at which humans are remarkably proficient. So far, little attention has been devoted to usability, and initial research has failed to conclusively establish significant memory improvement. This paper reports two user studies comparing several implementations of the graphical approach with PINs. Results demonstrate that pictures can be a solution to some problems relating to traditional knowledge-based authentication but that they are not a simple panacea, since a poor design can eliminate the picture superiority effect in memory. The paper concludes by discussing the potential of the graphical approach and providing guidelines for developers contemplating using these mechanisms.
© All rights reserved Angeli et al. and/or Academic Press
Renaud, Karen and Angeli, Antonella De (2004): My password is here! An investigation into visuo-spatial authentication mechanisms. In Interacting with Computers, 16 (6) pp. 1017-1041.
Passwords are the almost universal authentication mechanism, even though they are basically flawed and cause problems for users due to poor memorability. Graphical methods of authentication have recently excited some interest but little is known about their actual efficacy. There are basically two types of graphical authentication mechanisms: recognition-based and location-based -- also called visuo-spatial mechanisms. Whereas some kinds of recognition-based graphical authentication mechanisms have been evaluated by various researchers, there is still a need to investigate location-based graphical authentication mechanisms in a more rigorous fashion to determine whether they could be a viable alternative to traditional passwords for web usage. This paper discusses graphical authentication mechanisms in general and reports on the evaluation of one particular visuo-spatial mechanism, aimed at augmenting the password paradigm by providing a way to record passwords securely. Results and findings are presented, and conclusions drawn, some of which can also be applied to other types of visuo-spatial mechanisms. We also propose a set of metrics which can be used to measure the quality of web authentication mechanisms and apply these to a range of existing authentication mechanisms.
© All rights reserved Renaud and Angeli and/or Elsevier Science
Biljon, Judy van and Renaud, Karen (2003): Zazu - Investigating the Difference between Interaction Approaches in Advisory Support Systems for Curriculum. In: Proceedings of IFIP INTERACT03: Human-Computer Interaction 2003, Zurich, Switzerland. p. 983.
Join our community and advance:
Changes to this page (author)09 Nov 2012: Modified03 Apr 2012: Modified
14 Apr 2011: Modified
17 Jan 2011: Modified
03 Nov 2010: Modified
03 Jun 2009: Modified
02 Jun 2009: Modified
12 May 2008: Modified
26 Jul 2007: Modified
24 Jul 2007: Modified
24 Jul 2007: Modified
27 Jun 2007: Modified
27 Jun 2007: Added
Page maintainer: The Editorial Team