[messaging] Let's run a usability study (was Useability of public-key fingerprints)

Tony Arcieri bascule at gmail.com
Thu Feb 13 09:53:15 PST 2014


On Thu, Feb 13, 2014 at 6:06 AM, Tom Ritter <tom at ritter.vg> wrote:

>
> Do we know studies saying that PGP fingerprints are effective?


Here's a usability study showing that "fingerprints" are both confusing and
scary to normal humans:

https://blog.crypto.cat/2014/01/cryptocat-at-the-openitp-dc-hackathon/

The area of the most confusion -- to the point where it made the users feel
threatened or panicked -- was the user information screens (either for a
specific buddy or the user themselves). *Though "fingerprint" is widely
known by cryptography and security experts, it is, at the end of the day,
jargon*. There were several participants who immediately associated
"fingerprint" with a negative connotation (i.e., leaving a fingerprint at a
crime scene). Their tone was panicked in asking their questions on this
issue, and were unsure of why that information needed to be displayed, and
if it was even safe to display. There were a handful of users who
understood encryption technology at a very basic level who were not
confused by the terminology on this page, but were unsure of what to do
with this information.

-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140213/79c6fd56/attachment.html>


More information about the Messaging mailing list