Usable security papers

    1. Android Permissions: User Attention, Comprehension, and Behavior. Felt, Ha, Egelman, Haney, Chin, and Wagner. SOUPS 2012.
    2. Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness. Akhawe and Felt. USENIX Security 2013.
    3. Securing Embedded User Interfaces: Android and Beyond. Roesner and Kohno. USENIX Security 2013.
    4. Your Attention Please: Designing Security-Decision UIs. Bravo-Lillo, Cranor, Downs, Komanduri, Reeder, Schechter, and Sleeper. SOUPS 2013.
    5. Are You Ready to Lock? Understanding User Motivations for Smartphone Locking Behaviors. Serge Egelman, Sakshi Jain, Rebecca S. Portnoff, Kerwell Liao, Sunny Consolvo, and David Wagner. CCS 2014.
    6. Improving SSL Warnings: Comprehension and Adherence. Adrienne Porter Felt, Alex Ainslie, Robert W. Reeder, Sunny Consolvo, Somas Thyagaraja, Alan Bettes, Helen Harris, Jeff Grimes. CHI 2015.
    7. Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks. William Melicher, Blase Ur, Sean M. Segreti, Saranga Komanduri, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. USENIX Security 2016.
    8. You’ve Got Vulnerability: Exploring Effective Vulnerability Notifications. Frank Li, Zakir Durumeric, Jakub Czyz, Mohammad Karami, Michael Bailey, Damon McCoy, Stefan Savage, and Vern Paxon. USENIX Security 2016.
    9. Comparing the Usability of Cryptographic APIs, Yasemin Acar, Michael Backes, Sascha Fahl, Simson Garfinkel, Doowon Kim, Michelle L. Mazurek, and Christian Stransky. Oakland 2017.
    10. Obstacles to the Adoption of Secure Communication Tools. Ruba Abu-Salma, M. Angela Sasse, Joseph Bonneau, Anastasia Danilova, Alena Naiakshina, and Matthew Smith. Oakland 2017.
    11. End User Security and Privacy Concerns with Smart Homes. Eric Zeng, Shrirang Mare, and Franziska Rohester. SOUPS 2017.
    12. Design and Evaluations of a Data-Driven Password Meter. Blase Ur, Felicia Alfieri, Maung Aung, Lujo Bauer, Nicolas Christin, Jessica Colnago, Lorrie Faith Cranor, Henry Dixon, Pardis Emami Naeini, Hana Habib, Noah Johnson, and William Melicher. CHI 2017.
    13. Turtles, Locks, and Bathrooms: Understanding Mental Models of Privacy Through Illustration. Maggie Oates, Yama Ahmadullah, Abigail Marsh, Chelse Swoopes, Shikun Zhang, Rebecca Balebako, and Lorrie Cranor. PETS 2018.
    14. Away From Prying Eyes: Analyzing Usage and Understanding of Private Browsing. Hana Habib, Jessica Colnago, Vidya Gopalakrishnan, Sarah Pearman, Jeremy Thomas, Alessandro Acquisti, Nicolas Christin, and Lorrie Faith Cranor. SOUPS 2018.
    15. A Comparative Usability Study of Key Management in Secure Email. Scott Ruoti, Jeff Andersen, Tyler Monson, Daniel Zappala, and Kent Seamons. SOUPS 2018.
    16. Users Really Do Answer Telephone Scams. Huahong Tu, Adam Doupé, Ziming Zhao, Gail-Joon Ahn. USENIX Security 2019.
    17. (Un)informed Consent: Studying GDPR Consent Notices in the Field. Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, and Thorsten Holz. CCS 2019.
    18. Protecting accounts from credential stuffing with password breach alerting, Kurt Thomas, Jennifer Pullman, Kevin Yeo, Ananth Raghunathan, Patrick Gage Kelley, Luca Invernizzi, Borbala Benko, Tadek Pietraszek, and Sarvar Patel, Dan Boneh, and Elie Bursztein
    19. What twitter knows: characterizing ad targeting practices, user perceptions, and ad explanations through users’ own twitter data. Miranda Wei, Madison Stamos, Sophie Veys, Nathan Reitinger, Justin Goodman, Margot Herman, Dorota Filipczuk, Ben Weinshel, Michelle L. Mazurek, and Blase Ur. USENIX Security 2020.
    20. Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It. Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, and Michael Hicks. USENIX Security 2020.
    21. Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication. Sanam Ghorbani Lyastani, Michael Schilling, Michaela Neumayr, Michael Backes, and Sven Bugiel. Oakland 2020.
    22. User Mental Models of Cryptocurrency Systems – A Grounded Theory Approach. Alexandra Mai, Katharina Pfeffer, Edgar Weippl, and Katharina Krombholz. SOUPS 2020.
    23. Towards Usable and Secure Location-based Smartphone Authentication. Geumhwan Cho, Sungsu Kwag, Jun Ho Huh, Bedeuro Kim, Choong-Hoon Lee, and Hyoungshick Kim. SOUPS 2021.
    24. Smart Contract Security: A Practitioners’ Perspective. Zhiyuan Wan, Xin Xia, David Lo, Jiachi Chen, Xiapu Luo, and Xiaohu Yang. ICSE 2021.
    25. Understanding Challenges for Developers to Create Accurate Privacy Nutrition Labels. T. Li, K. Reiman, Y. Agarwal, L.F. Cranor, and J.I. Hong. CHI 2022.
    26. “The Same PIN, Just Longer”: On the (In)Security of Upgrading PINs from 4 to 6 Digits. Collins W. Munyendo, Philipp Markert, Alexandra Nisenoff, Miles Grant, Elena Korkes, Blase Ur, and Adam J. Aviv. USENIX Security 2022.
    27. No One Drinks From the Firehose: How Organizations Filter and Prioritize Vulnerability Information. Stephanie de Smale, Rik van Dijk, Xander Bouwman, Jeroen van der Ham, and Michel van Eeten. Oakland 2023.
    28. Characterizing Everyday Misuse of Smart Home Devices. Phoebe Moh, Pubali Datta, Noel Warford, Adam Bates, Nathan Malkin, and Michelle Mazurek. Oakland 2023.
    29. Account Security Interfaces: Important, Unintuitive, and Untrustworthy. Alaa Daffalla, Marina Bohuk, Nicola Dell, Rosanna Bellini, and Thomas Ristenpart. USENIX Security 2023.