Christian Tiefenau scite author profile

Passwords are still a mainstay of various security systems, as well as the cause of many usability issues. For end-users, many of these issues have been studied extensively, highlighting problems and informing design decisions for better policies and motivating research into alternatives. However, end-users are not the only ones who have usability problems with passwords! Developers who are tasked with writing the code by which passwords are stored must do so securely. Yet history has shown that this complex task often fails due to human error with catastrophic results. While an end-user who selects a bad password can have dire consequences, the consequences of a developer who forgets to hash and salt a password database can lead to far larger problems. In this paper we present a first qualitative usability study with 20 computer science students to discover how developers deal with password storage and to inform research into aiding developers in the creation of secure password systems. * These authors contributed equally to this work.

show abstract

A Usability Evaluation of Let's Encrypt and Certbot

Tiefenau

Zezschwitz

Häring

et al. 2019

View full text Add to dashboard Cite

Less About Privacy: Revisiting a Survey about the German COVID-19 Contact Tracing App

Häring

Gerlitz

Smith

et al. 2023

View full text Add to dashboard Cite

The Struggle is Real: Analyzing Ground Truth Data of TLS (Mis-)Configurations

Tiefenau¹,

Zezschwitz²

2018

Preprint

View full text Add to dashboard Cite

As of today, TLS is the most commonly used protocol to protect communication content. To provide good security, it is of central importance, that administrators know how to configure their services correctly. For this purpose, services like, e.g., Qualys SSL Server Test can be leveraged to test the correctness of a given web server configuration. We analyzed the utilization of this service over a period of 2.5 months and found two major usage-patterns. In addition, there is a relation between the number of test-runs and the resulting quality (i.e., security) of a TLS configuration.

show abstract

Replicating a Study of Ransomware in Germany

Ortloff

Vossen

Tiefenau

2021

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.