Category Archives: mental models of security

Towards Usable Web Single Sign-On

OpenID is an open and promising Web single sign-on (SSO) solution. The research led by my Ph.D. student San-Tsai Sun investigates the challenges and concerns web users face when using OpenID for authentication, and identifies what changes in the login …

Filed under distributed systems security, mental models of security, usable security, web security, web single sign on

Can Metaphors of Physical Security Work for Computers?

There is evidence that the communication of security risks to home computer users has been unsuccessful. Prior research has found that users do not heed risk communications, that they do not read security warning texts, and that they ignore them. …

Filed under human factors in security, mental models of security, usable security

Have users signed up?

I participated in a panel “Password Managers, Single Sign-On, Federated ID: Have users signed up?” at Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions, which was collocated …

Filed under human factors in security, mental models of security, usable security, web single sign on

CHI Work in Progress to Feature LERSSE Research

This year, in Vancouver, the Work In Progress Posters session of the SIG CHI Conference will feature three research projects of my graduate students.

Filed under IT security management, mental models of security, usable security, web security, web single sign on

Lessons learned from studying users’ mental models of security

I gave a talk at Microsoft Research on user mental models of security.

Filed under mental models of security, usable security, web security

Single Sign On on the Web: What’s broken and What can be fixed?

With Ph.D. student San-Tsai Sun, we have been investigating single sign-on for the Web.

Filed under mental models of security, usable security, web security

Understanding Wants and Needs of Personal Firewall Users

I’ve presented results of a user study by my graduate student Fahimeh Raja at SafeConfig. She conducted semi-structured interviews with a diverse set of participants to gain an understanding of their knowledge, requirements, perceptions, and misconceptions of personal firewalls. There are …

Filed under mental models of security, usable security