Matching Items (2)
Filtering by

Clear all filters

134492-Thumbnail Image.png
Description
Cravingz is a web-based application that allows users to learn the maximum number of food items that they can purchase at a restaurant within a defined personal budget. We created two versions of this web-based application and asked 40 users to perform an A/B test to determine which version provides

Cravingz is a web-based application that allows users to learn the maximum number of food items that they can purchase at a restaurant within a defined personal budget. We created two versions of this web-based application and asked 40 users to perform an A/B test to determine which version provides the best user experience in terms of efficiency and performance. Users who participated in this study completed a set of tasks to test these applications. Our findings demonstrate that users prefer a web application that does not require them to input data repeatedly to view combinations for multiple restaurants. Although the version which required reentry of data was more visually-pleasing, users preferred the version in which inputting data was a one-time task.
ContributorsPandarinath, Agastya (Co-author) / Jain, Ayushi (Co-author) / Atkinson, Robert (Thesis director) / Chavez-Echeagaray, Maria Elena (Committee member) / Computer Science and Engineering Program (Contributor) / Barrett, The Honors College (Contributor)
Created2017-05
Description
Data from a total of 282 online web applications was collected, and accounts for 230 of those web applications were created in order to gather data about authentication practices, multistep authentication practices, security question practices, fallback authentication practices, and other security practices for online accounts. The account creation and data

Data from a total of 282 online web applications was collected, and accounts for 230 of those web applications were created in order to gather data about authentication practices, multistep authentication practices, security question practices, fallback authentication practices, and other security practices for online accounts. The account creation and data collection was done between June 2016 and April 2017. The password strengths for online accounts were analyzed and password strength data was compared to existing data. Security questions used by online accounts were evaluated for security and usability, and fallback authentication practices were assessed based on their adherence to best practices. Alternative authentication schemes were examined, and other security considerations such as use of HTTPS and CAPTCHAs were explored. Based on existing data, password policies require stronger passwords in for web applications in 2017 compared to the requirements in 2010. Nevertheless, password policies for many accounts are still not adequate. About a quarter of online web applications examined use security questions, and many of the questions have usability and security concerns. Security mechanisms such as HTTPS and continuous authentication are in general not used in conjunction with security questions for most web applications, which reduces the overall security of the web application. A majority of web applications use email addresses as the login credential and the password recovery credential and do not follow best practices. About a quarter of accounts use multistep authentication and a quarter of accounts employ continuous authentication, yet most accounts fail to combine security measures for defense in depth. The overall conclusion is that some online web applications are using secure practices; however, a majority of online web applications fail to properly implement and utilize secure practices.
ContributorsGutierrez, Garrett (Author) / Bazzi, Rida (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Doupe, Adam (Committee member) / Arizona State University (Publisher)
Created2017