"We're on the Same Page": A Usability Study of Secure Email Using Pairs of Novice Users

TL;DR

This study evaluates the usability of secure email systems among novice users in pairs, revealing preferences, challenges, and trust issues, with implications for promoting grassroots adoption of secure email technology.

Contribution

It provides empirical insights into novice user experiences with secure email, highlighting the importance of integrated solutions and tutorials for adoption.

Findings

Users prefer integrated over depot-based solutions

Tutorials significantly aid first-time users

Hiding security details can reduce trust in the system

Abstract

Secure email is increasingly being touted as usable by novice users, with a push for adoption based on recent concerns about government surveillance. To determine whether secure email is for grassroots adoption, we employ a laboratory user study that recruits pairs of novice to install and use several of the latest systems to exchange secure messages. We present quantitative and qualitative results from 25 pairs of novice users as they use Pwm, Tutanota, and Virtru. Participants report being more at ease with this type of study and better able to cope with mistakes since both participants are "on the same page". We find that users prefer integrated solutions over depot-based solutions, and that tutorials are important in helping first-time users. Hiding the details of how a secure email system provides security can lead to a lack of trust in the system. Participants expressed a desire to use secure email, but few wanted to use it regularly and most were unsure of when they might use it.