A Brief Introduction to Usable Security

Payne, Bryan D.; Edwards, W. Keith

doi:10.1109/mic.2008.50

Cited by 61 publications

(39 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Usable security aims to improve the security of a system by helping the user make good decisions [33]. This involves informing users about the system, communicating risks in a way that is understandable, clarifying what the security requirements are, and providing guidance with technical tasks [1].…”

Section: Related Workmentioning

confidence: 99%

A Usability Evaluation of Tor Launcher

Lee

Fifield

Malkin

et al. 2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Abstract:Although Tor has state-of-the art anticensorship measures, users in heavily censored environments will not be able to connect to Tor if they cannot configure their connections. We perform the first usability evaluation of Tor Launcher, the graphical user interface (GUI) that Tor Browser uses to configure connections to Tor. Our study shows that 79% (363 of 458) of user attempts to connect to Tor in simulated censored environments failed. We found that users were often frustrated during the process and tried options at random. In this paper, we measure potential usability issues, discuss design constraints unique to Tor, and provide recommendations based on what we learned to help more users connect to Tor while reducing the time they take to do so. Tor Browser incorporated the changes proposed by this study.

show abstract

Section: Related Workmentioning

confidence: 99%

A Usability Evaluation of Tor Launcher

Lee

Fifield

Malkin

et al. 2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…Password utilization (Payne and Edwards, 2008) is a typical authentication method, with the achievable security level highly depended on the password construction policy. For the password construction process to be effective, both security and users' usability aspects should be considered.…”

Section: Password Construction: Security Vs Usability Strategiesmentioning

confidence: 99%

“…A brute force attack considers all possible combinations of characters, numbers and symbols, thus it could be a very time consuming process compared to the dictionary attack. From an organization's point of view, constructing diverse, random passwords of minimum 8 characters, mixing upper case and lower case characters, numbers and symbols, could decrease the possibility of account compromisation (Payne and Edwards, 2008). Therefore, a high security level can be achieved.…”

Section: Password Construction: Security Vs Usability Strategiesmentioning

confidence: 99%

See 1 more Smart Citation

Transparent password policies: A case study of investigating end-user situational awareness

Bullo¹,

Stavrou²,

Stavrou³

2017

IJCSA

View full text Add to dashboard Cite

Transparent password policies are utilized by organizations in an effort to ease the end-user (e.g. customer) from the burden of configuring authentication settings while maintaining a high level of security. However, authentication transparency can challenge security and usability and can impact the awareness of the end-users with regards to the protection level that is realistically achieved. For authentication transparency to be effective, the triptych security -usability -situational awareness should be considered when designing relevant security solutions / products. Although various efforts have been made in the literature, the usability aspects of the password selection process are not well understood or addressed in the context of end-user situational awareness. This research work specifies three security and usability-related strategies that represent the organizations', the end users' and the attackers' objectives with regards to password construction. Understanding each actor's perspective can greatly assist in increasing situational awareness with regards to the authentication controls usage and effectiveness. Furthermore, a case study is presented to evaluate if, and in what way, transparent password policies, that isolate users' involvement can affect the perspective of the end-user with regards to the

show abstract

“…However, there are also great differences in the ways that the anti-virus software alerts users of viruses, which can also influence the users' satisfaction with the anti-virus software. Recently, some studies conducted by Edwards and his co-workers (Payne andEdwards 2008, Stoll et al 2008) also highlighted the importance to investigate how to better inform users of security accidents.…”

Section: Anti-virus Softwarementioning

confidence: 99%

Effects of communication style and time orientation on notification systems and anti-virus software

Huang

Rau

et al. 2010

Behaviour & Information Technology

View full text Add to dashboard Cite

The objectives of this study were (1) to investigate the effects of communication style (CS) and time orientation (TO) on people's perception of and proficiency in responding to notification systems and (2) to study the applications of these effects in the design of user notification in anti-virus software. Significant effects were found in the experiment; the results showed that users with a low-context CS can remember and make sense of the information provided by the notification system better than users with a high-context CS. Polychronic users perceive a lower level of interruption of the notification messages than monochronic users; polychronic users prefer rapid and accurate responses to the stimuli provided by the notification system, whereas monochronic users tend to avoid responding to the stimuli. Four sessions of focus group discussions were then carried out with users of different CS and TO, which focused on the virus attack warning provided by anti-virus software. The results should prove useful to aid designers in creating more effective and appealing ways to give notification or warnings to users.

show abstract

A Brief Introduction to Usable Security

Cited by 61 publications

References 13 publications

A Usability Evaluation of Tor Launcher

A Usability Evaluation of Tor Launcher

Transparent password policies: A case study of investigating end-user situational awareness

Effects of communication style and time orientation on notification systems and anti-virus software

Contact Info

Product

Resources

About