Private Webmail 2.0: Simple and Easy-to-Use Secure Email

TL;DR

Private Webmail 2.0 enhances secure email usability and security through innovative interface features, enabling ordinary users to send encrypted messages confidently and correctly, demonstrated by a user study with positive results.

Contribution

Introduces new user interface traits for secure email that significantly improve usability and security for ordinary users.

Findings

Inline tutorials increased tutorial view rates from <10% to over 90%.

User study with 51 participants validated interface improvements.

Manual encryption did not negatively impact usability or security.

Abstract

Private Webmail 2.0 (Pwm 2.0) improves upon the current state of the art by increasing the usability and practical security of secure email for ordinary users. More users are able to send and receive encrypted emails without mistakenly revealing sensitive information. In this paper we describe user interface traits that positively affect the usability and security of Pwm 2.0: (1) an artificial delay to encryption that enhances user confidence in Pwm 2.0 while simultaneously instructing users on who can read their encrypted messages; (2) a modified composition interface that helps protect users from mistakenly sending sensitive information in the clear; (3) an annotated secure email composition interface that instructs users on how to correctly use secure email; and (4) inline, context-sensitive tutorials, which improved view rates for tutorials from less than 10% in earlier systems to over 90% for Pwm 2.0. In a user study involving 51 participants we validate these interface modifications, and also show that the use of manual encryption has no effect on usability or security.