A Qualitative Study of Adoption Barriers and Challenges for Passwordless Authentication in German Public Administrations

要旨

Public administrations provide critical services and manage sensitive data for a country's citizens. Recent phishing campaigns targeting public sector employees highlight their attractiveness as targets. Deploying state-of-the-art authentication technologies, such as FIDO2, can improve overall security. We conducted a mixed-methods study in Germany to understand better the practices and challenges of deploying passwordless authentication in the public sector. First, we conducted an online survey (N=108) among German public sector employees to gain insights into their experiences and challenges. Next, we partnered with an e-government vendor and performed an in-situ experiment. We let 11 employees from the public sector experience FIDO2 under real-world conditions. Our results show that only a minority of our participants were aware of current passwordless authentication procedures. In our experiment, FIDO2-based methods left an overall positive impression. Hierarchical and heterogeneous public sector structures and the need for more technical expertise and equipment were barriers to adoption.

著者
Jan-Ulrich Holtgrave
CISPA Helmholtz Center for Information Security, Hannover, Germany
Sabrina Klivan
CISPA Helmholtz Center for Information Security, Hannover, Germany
Karola Marky
Ruhr University Bochum, Bochum, Germany
Sascha Fahl
CISPA Helmholtz Center for Information Security, Hannover, Germany
DOI

10.1145/3706598.3713252

論文URL

https://dl.acm.org/doi/10.1145/3706598.3713252

動画

会議: CHI 2025

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2025.acm.org/)

セッション: Trust Uncertainty and Security

Annex Hall F204
6 件の発表
2025-04-29 18:00:00
2025-04-29 19:30:00
日本語まとめ
読み込み中…