Usable security papers

    1. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords. Joseph Bonneau. Oakland 2012.
    2. Android Permissions: User Attention, Comprehension, and Behavior. Felt, Ha, Egelman, Haney, Chin, and Wagner. SOUPS 2012.
    3. Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness. Akhawe and Felt. USENIX Security 2013.
    4. Securing Embedded User Interfaces: Android and Beyond. Roesner and Kohno. USENIX Security 2013.
    5. Your Attention Please: Designing Security-Decision UIs. Bravo-Lillo, Cranor, Downs, Komanduri, Reeder, Schechter, and Sleeper. SOUPS 2013.
    6. Are You Ready to Lock? Understanding User Motivations for Smartphone Locking Behaviors. Serge Egelman, Sakshi Jain, Rebecca S. Portnoff, Kerwell Liao, Sunny Consolvo, and David Wagner. CCS 2014.
    7. Improving SSL Warnings: Comprehension and Adherence. Adrienne Porter Felt, Alex Ainslie, Robert W. Reeder, Sunny Consolvo, Somas Thyagaraja, Alan Bettes, Helen Harris, Jeff Grimes. CHI 2015.
    8. Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks. William Melicher, Blase Ur, Sean M. Segreti, Saranga Komanduri, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. USENIX Security 2016.
    9. You’ve Got Vulnerability: Exploring Effective Vulnerability Notifications. Frank Li, Zakir Durumeric, Jakub Czyz, Mohammad Karami, Michael Bailey, Damon McCoy, Stefan Savage, and Vern Paxon. USENIX Security 2016.
    10. SysPal: System-guided Pattern Locks for Android. Geumhwan Cho, Jun Ho Huh, Junsung Cho, Seongyeol Oh, Youngbae Song and Hyoungshick Kim. Oakland 2017.
    11. Obstacles to the Adoption of Secure Communication Tools. Ruba Abu-Salma, M. Angela Sasse, Joseph Bonneau, Anastasia Danilova, Alena Naiakshina, Matthew Smith. Oakland 2017.
    12. End User Security and Privacy Concerns with Smart Homes. Eric Zeng, Shrirang Mare, and Franziska Rohester. SOUPS 2017.
    13. Design and Evaluations of a Data-Driven Password Meter. Blase Ur, Felicia Alfieri, Maung Aung, Lujo Bauer, Nicolas Christin, Jessica Colnago, Lorrie Faith Cranor, Henry Dixon, Pardis Emami Naeini, Hana Habib, Noah Johnson, and William Melicher. CHI 2017.
    14. Turtles, Locks, and Bathrooms: Understanding Mental Models of Privacy Through Illustration. Maggie Oates, Yama Ahmadullah, Abigail Marsh, Chelse Swoopes, Shikun Zhang, Rebecca Balebako, and Lorrie Cranor. PETS 2018.
    15. Away From Prying Eyes: Analyzing Usage and Understanding of Private Browsing. Hana Habib, Jessica Colnago, Vidya Gopalakrishnan, Sarah Pearman, Jeremy Thomas, Alessandro Acquisti, Nicolas Christin, and Lorrie Faith Cranor. SOUPS 2018.
    16. A Comparative Usability Study of Key Management in Secure Email. Scott Ruoti, Jeff Andersen, Tyler Monson, Daniel Zappala, and Kent Seamons. SOUPS 2018.
    17. Why people (don’t) use password managers effectively. Sarah Pearman, Shikun Aerin Zhang, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. SOUPS 2019.
    18. How well do my results generalize? Comparing security and privacy survey results from MTurk, web, and telephone samples. Redmiles, Elissa M., Sean Kross, and Michelle L. Mazurek. Oakland 2019.
    19. Users Really Do Answer Telephone Scams. Huahong Tu, Adam Doupé, Ziming Zhao, Gail-Joon Ahn. USENIX Security 2019.
    20. (Un)informed Consent: Studying GDPR Consent Notices in the Field. Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, Thorsten Holz. CCS 2019.
    21. Practical Recommendations for Stronger, More Usable Passwords Combining Minimum-strength, Minimum-length, and Blocklist Requirements. Joshua Tan, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. CCS 2020.
    22. What twitter knows: characterizing ad targeting practices, user perceptions, and ad explanations through users’ own twitter data. Miranda Wei, Madison Stamos, Sophie Veys, Nathan Reitinger, Justin Goodman, Margot Herman, Dorota Filipczuk, Ben Weinshel, Michelle L. Mazurek, Blase Ur. USENIX Security 2020.
    23. Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It. Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, Michael Hicks. USENIX Security 2020.
    24. User Mental Models of Cryptocurrency Systems – A Grounded Theory Approach. Alexandra Mai, Katharina Pfeffer, Edgar Weippl, Katharina Krombholz. SOUPS 2020.
    25. Towards Usable and Secure Location-based Smartphone Authentication. Geumhwan Cho, Sungsu Kwag, Jun Ho Huh, Bedeuro Kim, Choong-Hoon Lee, and Hyoungshick Kim. SOUPS 2021.
    26. Understanding Challenges for Developers to Create Accurate Privacy Nutrition Labels. T. Li, K. Reiman, Y. Agarwal, L.F. Cranor, and J.I. Hong. CHI 2022.