Conference Talk

Unintuitive and Insecure: Fixing the Failures of Authentication UX

90 minutes

  • Understand security without frustration
  • Discover Amazon’s multi-state security model that reduces fraud and makes money
  • Learn how to keep the Paranoids at bay without degrading the user experience

“Which username did I use?”
“Do they want my email address or my nickname?”
“Which password did I use?”
“What was my favorite vegetable when I created this account?”

Nothing wrecks a great user experience like a login form. Our password rules make it hard to remember what we’ve used, and stupid security questions lock us out of our accounts. And none of these security gymnastics actually prevent our personal information from leaking into the world. (In fact, we often inadvertently make it easier.)

If it’s not usable, it’s not secure. Unusable authentication systems are a bellwether of poor end-to-end experience. Once you’ve frustrated a user with their account creation or session authentication, it’s extremely hard to win them back.

Security isn’t sexy, but when we get it right, we reduce risk and increase user satisfaction. In this entertaining presentation, Jared will explain how to make authentication design a top priority in your experience architecture. He’ll show you where the real risks are and why you shouldn’t trust others to handle your design’s security elegantly.
