A5086438983- Privacy, Security, and Data Protection
- User Authentication and Security Systems
- Sexuality, Behavior, and Technology
- Innovative Human-Technology Interaction
- Social Media and Politics
- Sharing Economy and Platforms
- Advanced Malware Detection Techniques
- Privacy-Preserving Technologies in Data
- Personal Information Management and User Behavior
- Impact of Technology on Adolescents
- Mobile Crowdsensing and Crowdsourcing
- Digital Marketing and Social Media
- Evolutionary Psychology and Human Behavior
- Psychology of Social Influence
- Technology Adoption and User Behaviour
- Internet Traffic Analysis and Secure E-voting
- Hate Speech and Cyberbullying Detection
- Human-Automation Interaction and Safety
- Web Data Mining and Analysis
- Knowledge Management and Sharing
- Misinformation and Its Impacts
- Digital Mental Health Interventions
- Spam and Phishing Detection
Carnegie Mellon University
2016-2023
Despite their ubiquity, many password meters provide inaccurate strength estimates. Furthermore, they do not explain to users what is wrong with or how improve it. We describe the development and evaluation of a data-driven meter that provides accurate measurement actionable, detailed feedback users. This combines neural networks numerous carefully combined heuristics score passwords generate text about user's password. meter's iterative final design. detail security usability impact design...
Text passwords---a frequent vector for account compromise, yet still ubiquitous---have been studied decades by researchers attempting to determine how coerce users create passwords that are hard attackers guess but easy type and memorize. Most studies examine one password or a small number of per user, often rely on created solely the purpose study protecting low-value accounts. These limitations severely constrain our understanding security in practice, including extent nature reuse,...
We conducted an in-lab user study with 24 participants to explore the usefulness and usability of privacy choices offered by websites. Participants were asked find use related email marketing, targeted advertising, or data deletion on a set nine websites that differed in terms where how these presented. They struggled several aspects interaction, such as selecting correct page from site's navigation menu understanding what information include written opt-out requests. found mechanisms...
Many websites have added cookie consent interfaces to meet regulatory requirements. While prior work has demonstrated that they often use dark patterns — design techniques lead users less privacy-protective options other usability aspects of these been explored. This study contributes a comprehensive, two-stage assessment interfaces. We first inspected 191 against five pattern heuristics and identified choices may impact usability. then conducted 1,109-participant online between-subjects...
Increasingly, icons are being proposed to concisely convey privacy-related information and choices users. However, complex privacy concepts can be difficult communicate. We investigate which effectively signal the presence of choices. In a series user studies, we designed evaluated accompanying textual descriptions (link texts) conveying choice, opting-out, sale personal — latter an opt-out mandated by California Consumer Privacy Act (CCPA). identified icon-link text pairings that conveyed...
Website privacy policies sometimes provide users the option to opt-out of certain collections and uses their personal data. Unfortunately, many bury these instructions deep in text, few web have time or skill necessary discover them. We describe a method for automated detection choices policy text presentation through browser extension. creation two corpora choices, which enable training classifiers identify opt-outs policies. Our overall approach extracting classifying combines heuristics...
Usable privacy and security researchers have developed a variety of approaches to represent risk research participants. To understand how these are used when each might be most appropriate, we conducted systematic literature review methods in studies with human From sample 633 papers published at five top conferences between 2014 2018 that included keywords related both security/privacy usability, systematically selected analyzed 284 full-length subjects studies. Our analysis focused on...
People share personal content online with varied audiences, as part of tasks ranging from conversational-style sharing to collaborative activities. We use an interview- and diary-based study explore: 1) what factors impact channel choice for particular audiences; 2) behavioral patterns emerge the ability combine or switch between channels. find that in context different tasks, participants match features selective-sharing other task-based needs, shaped by recipient attributes communication...
We conducted an online survey and remote usability study to explore user needs related advertising controls on Facebook determine how well existing align with these needs. Our results highlight a range of objectives controlling ads, including being able select what ad topics are shown or personal information is used in targeting. Some achievable Facebook's controls, but participants seemed be unaware them, suggesting issues discoverability. In our study, noted areas which the could improved,...
Websites implement cookie consent interfaces to obtain users' permission use non-essential cookies, as required by privacy regulations. We extend prior research evaluating the impact of interface design on through an online behavioral experiment (n = 1359) in which we prompted mobile and desktop users from UK US make decisions using one 14 implemented with OneTrust management platform (CMP). found significant effects user behavior sentiment for multiple explanatory variables, including more...
Tech companies that rely on ads for business argue users have control over their data via ad privacy settings. However, these settings are often hidden. This work aims to inform the design of findable controls and study impact users' behavior sentiment. We iteratively designed interfaces varied in setting's (1) entry point (within ads, at feed's top) (2) level actionability, with high actionability directly surfacing links specific advertisement settings, low pointing general pages (which is...
Assessing the usability of choice and consent mechanisms.
Public sharing is integral to online platforms. This includes the popular multimedia messaging application Snapchat, on which public relatively new and unexplored in prior research. In mobile-first applications, contexts are dynamic. However, it unclear how context impacts users' decisions. As platforms increasingly rely user-generated content, important also broadly understand user motivations considerations sharing. We explored these aspects of content through a survey 1,515 Snapchat...
The spread of misinformation through online social media platforms has had substantial societal consequences. As a result, have introduced measures to alert users news content that may be misleading or contain inaccuracies as means discourage them from sharing it. These interventions sometimes cite external sources, such fact-checking organizations and outlets, for providing assessments related the accuracy content. However, it is unclear whether trust provided by these entities perceptions...
Public sharing is integral to online platforms. This includes the popular multimedia messaging application Snapchat, on which public relatively new and unexplored in prior research. In mobile-first applications, contexts are dynamic. However, it unclear how context impacts users' decisions. As platforms increasingly rely user-generated content, important also broadly understand user motivations considerations sharing. We explored these aspects of content through a survey 1,515 Snapchat...