User-authentication evaluation lab

[dbosk]

Evaluate user authentication from user--machine, machine--user perspective.

We should evaluate purely password-based authentication, two-factor authentication and key-based authentication (e.g. BankID), both from a security and a usability perspective.

[dbosk]

This is related to #11.

[dbosk]

There is some WIP on the eval-design-lab branch.

[dbosk]

Add the "Why Johnny can't encrypt" papers as reading.