KidzPass : authenticating pre-literate children

Stewart, Michaela and Campbell, Mhairi and Renaud, Karen and Prior, Suzanne; Vance, Anthony, ed. (2020) KidzPass : authenticating pre-literate children. In: The 2020 Dewald Roode Workshop on Information Systems Security Research, IFIP WG8.11/WG11.13. IFIP Working Group 8.11/11.13, USA.

[thumbnail of Stewart-etal-DRW2020-KidzPass-authenticating-pre-literate]
Text. Filename: Stewart_etal_DRW2020_KidzPass_authenticating_pre_literate.pdf
Final Published Version

Download (4MB)| Preview


Many online services require users to authenticate themselves to prove their identity. Text-based passwords are the most widely-used authentication mechanism. Yet a number of population groups struggle with text-based passwords. One of these groups is made up of children aged 3-5. This is an important sector of society, because many of these children use the Internet at home. This was especially true during the COVID-19 pandemic.Young children can struggle with text-based passwords due to their emerging literacy and immature development. The majority of children do not learn to read fluently until age seven. At age four or five, they generally do not have the required skills to create, retain and manage alphanumeric passwords. This might well leave young children vulnerable when online or impose unrealistic demands on their care givers who support them in authenticating themselves.Here, we report on the development and evaluation of two versions of KidzPass, a graphical authentication mechanism that specifically relies on the abilities 3-5 year old children can be expected to possess. We conclude by reporting on lessons learned about designing authentication for this target user group.


Stewart, Michaela, Campbell, Mhairi, Renaud, Karen ORCID logoORCID: and Prior, Suzanne; Vance, Anthony