ABOUT THIS PROJECT
This is an academic project for course Interaction Design Practice. We worked 1Password, which is a desktop app that allows users to create strong unique passwords. The aim was to encourage users to use password generator to create strong unique passwords.
I participated in the research, problem solving, usability testing, and was mainly responsible for interaction design, visual design.
Users just store their original passwords using the product without making an attempt to strengthen them.
USER WORKFLOW ANALYSIS
Current Workflow is Complicated, and Not Intuitive.
1Password provides an desktop app and a web browser plug-in for users to create and store their passwords. In order to understand why most users tend to just store their original passwords, instead of strengthen them, we analyzed the current user flow of two use cases:
1) Change password for an existing account
2) Sign up for a new account using password generated by 1Password
What we found was that the changing process is complicated, as well as the web browser plug-in wasn't perform actively when needed.
Change password for an existing account
Sign up for a new account
Why do users want to go though those steps to do an easy thing?
"It's Inconvenient, And I Trust My Brain More"
User flow analysis on current experience gave us an initial understanding of the problem. We still wanted to dig deeper: what do 1Password users think of the experience, how do they normally use it, and most importantly, why? Semi-structured interview were conducted among 3 users, below are some of the quotes from the inetrview:
"I use a rotating set of about 6 different passwords roots with varying combinations of numbers and capitalization for all the accounts I care about or have sensitive info. Then for all the other internet nonsense use a weak password (social sites, forums, ...i.e. anything that is replacable). My passwords are something people would not even think about it, it works perfectly for me."
“I have used 1Password for 2 years, and I think it’s doing a good job. One thing bothers me is that when I use a public computer, I will need to look at my 1Password mobile to find the password if I don't remember it. So I need also memorize my important passwords”
"I am bad at memorizing passwords so my friend recommend 1Password to me. It is convenient for storing passwords, but to change a password is not convenient at all. It is really confusing. And I don't really want to user those random strings as my passwords."
They Don't Use Password Generator Because...
Strengthen an old password takes too many steps and is not intuitive enough for novice users to follow.
The Password Generator is hidden in both desktop app and web browser plug-in. How can users think of it even when they want to strengthen their password?
Users are not aware of the security problem of passwords, which means the product itself doesn’t well motivate users to strengthen their weak passwords by using the generator.
Trust? Actually Memorability
People trust their own brain much more than trust 1Password. Why? It scares people with long and wierd strings, they worry about remembering them. This is the main reason that people trust their own passwords, which they can memorize.
Design for Security and Design for Convenience
From user interviews we found that there are two different use cases: important accounts v.s. unimportant ones. How can we leverage different goals based off different use cases? We came up with different ideas on each goal and iterated on them.
For important accounts, such as Chase, Amazon, users care more about security, which makes password changing behavior possible to happen. To streamline the password changing process, and reduce memorabilty load should be the main design goal here.
For unimportant accounts, users care more about convenience, which means there are less motivated to change old passwords. While simplify sign up process for those unimportant accounts can be the design opportunity here.
Rapid Iterative Testing and Evaluation (RITE)
With our initial ideas, we evaluated them based on our research results and technical feasibility, as well as asked for feedbacks from different people. One of the biggest challenges was design for memorability. We thought about using combinations of meaningful words, creating variations based on old passwords. And we decided to go with the idea of adding a word string after old password - similar to use a password hint, it's easy for people to understand, possible to remember. Paper prototypes were made and we ran 3 rounds of usability test utilizing the RITE method.