Reviewing the Usability of Web Authentication Procedures: Comparing the Current Procedures of 20 Websites

Abstract

A sustainable online environment is essential to protecting businesses from abuse and data breaches. To protect sustainability, websites’ authentication procedures should continuously keep up with new technologies and the ways in which these technologies are used. Thus, a continuous assessment of these authentication procedures is required to ensure their usability. This research aimed to compare the status of the sign-up, sign-in, and password recovery processes on 20 websites. The researcher checked every website in a separate session and used the “think-aloud” technique while recording the screen to ensure accurate data analysis. Specific items were checked during every session to detect the similarities and differences between the tested websites in their authentication processes. The results led to valuable discussions and recommendations for improving authentication procedures. Some of these recommendations include best practices for better design of password rules, determining when two-factor authentication should be compulsory, and understanding how to improve password reset processes and keep accounts secure.