@inproceedings {287216, author = {Alexandra Nisenoff and Arthur Borem and Madison Pickering and Grant Nakanishi and Maya Thumpasery and Blase Ur}, title = {Defining "Broken": User Experiences and Remediation Tactics When {Ad-Blocking} or {Tracking-Protection} Tools Break a {Website{\textquoteright}s} User Experience}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {3619--3636}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/nisenoff-broken}, publisher = {USENIX Association}, month = aug } @inproceedings {291235, author = {Alexandra Nisenoff and Maximilian Golla and Miranda Wei and Juliette Hainline and Hayley Szymanek and Annika Braun and Annika Hildebrandt and Blair Christensen and David Langenberg and Blase Ur}, title = {A {Two-Decade} Retrospective Analysis of a University{\textquoteright}s Vulnerability to Attacks Exploiting Reused Passwords}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {5127--5144}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/nisenoff-retrospective}, publisher = {USENIX Association}, month = aug } @inproceedings {279940, author = {Collins W. Munyendo and Philipp Markert and Alexandra Nisenoff and Miles Grant and Elena Korkes and Blase Ur and Adam J. Aviv}, title = {"The Same {PIN}, Just Longer": On the ({In)Security} of Upgrading {PINs} from 4 to 6 Digits}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {4023--4040}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/munyendo}, publisher = {USENIX Association}, month = aug } @inproceedings {272222, author = {Mohammad Taha Khan and Christopher Tran and Shubham Singh and Dimitri Vasilkov and Chris Kanich and Blase Ur and Elena Zheleva}, title = {Helping Users Automatically Find and Manage Sensitive, Expendable Files in Cloud Storage}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {1145--1162}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/khan-mohammad}, publisher = {USENIX Association}, month = aug } @inproceedings {274547, author = {Leona Lassak and Annika Hildebrandt and Maximilian Golla and Blase Ur}, title = {"It{\textquoteright}s Stored, Hopefully, on an Encrypted Server{\textquoteright}{\textquoteright}: Mitigating Users{\textquoteright} Misconceptions About {FIDO2} Biometric {WebAuthn}}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {91--108}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/lassak}, publisher = {USENIX Association}, month = aug } @inproceedings {274457, author = {Christian Stransky and Dominik Wermke and Johanna Schrader and Nicolas Huaman and Yasemin Acar and Anna Lena Fehlhaber and Miranda Wei and Blase Ur and Sascha Fahl}, title = {On the Limited Impact of Visualizing Encryption: Perceptions of {E2E} Messaging Security}, booktitle = {Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021)}, year = {2021}, isbn = {978-1-939133-25-0}, pages = {437--454}, url = {https://www.usenix.org/conference/soups2021/presentation/stransky}, publisher = {USENIX Association}, month = aug } @inproceedings {274435, author = {Sophie Veys and Daniel Serrano and Madison Stamos and Margot Herman and Nathan Reitinger and Michelle L. Mazurek and Blase Ur}, title = {Pursuing Usable and Useful Data Downloads Under {GDPR/CCPA} Access Rights via {Co-Design}}, booktitle = {Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021)}, year = {2021}, isbn = {978-1-939133-25-0}, pages = {217--242}, url = {https://www.usenix.org/conference/soups2021/presentation/veys}, publisher = {USENIX Association}, month = aug } @inproceedings {274419, author = {Kentrell Owens and Olabode Anise and Amanda Krauss and Blase Ur}, title = {User Perceptions of the Usability and Security of Smartphones as {FIDO2} Roaming Authenticators}, booktitle = {Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021)}, year = {2021}, isbn = {978-1-939133-25-0}, pages = {57--76}, url = {https://www.usenix.org/conference/soups2021/presentation/owens}, publisher = {USENIX Association}, month = aug } @inproceedings {255286, author = {Miranda Wei and Madison Stamos and Sophie Veys and Nathan Reitinger and Justin Goodman and Margot Herman and Dorota Filipczuk and Ben Weinshel and Michelle L. Mazurek and Blase Ur}, title = {What Twitter Knows: Characterizing Ad Targeting Practices, User Perceptions, and Ad Explanations Through Users{\textquoteright} Own Twitter Data}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {145--162}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/wei}, publisher = {USENIX Association}, month = aug } @inproceedings {220221, author = {Ruba Abu-Salma and Elissa M. Redmiles and Blase Ur and Miranda Wei}, title = {Exploring User Mental Models of {End-to-End} Encrypted Communication Tools}, booktitle = {8th USENIX Workshop on Free and Open Communications on the Internet (FOCI 18)}, year = {2018}, address = {Baltimore, MD}, url = {https://www.usenix.org/conference/foci18/presentation/abu-salma}, publisher = {USENIX Association}, month = aug } @inproceedings {217501, author = {Weijia He and Maximilian Golla and Roshni Padhi and Jordan Ofek and Markus D{\"u}rmuth and Earlence Fernandes and Blase Ur}, title = {Rethinking Access Control and Authentication for the Home Internet of Things ({{{{{IoT}}}}})}, booktitle = {27th USENIX Security Symposium (USENIX Security 18)}, year = {2018}, isbn = {978-1-939133-04-5}, address = {Baltimore, MD}, pages = {255--272}, url = {https://www.usenix.org/conference/usenixsecurity18/presentation/he}, publisher = {USENIX Association}, month = aug } @inproceedings {205158, author = {Sean M. Segreti and William Melicher and Saranga Komanduri and Darya Melicher and Richard Shay and Blase Ur and Lujo Bauer and Nicolas Christin and Lorrie Faith Cranor and Michelle L. Mazurek}, title = {Diversify to Survive: Making Passwords Stronger with Adaptive Policies}, booktitle = {Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017)}, year = {2017}, isbn = {978-1-931971-39-3}, address = {Santa Clara, CA}, pages = {1--12}, url = {https://www.usenix.org/conference/soups2017/technical-sessions/presentation/segreti}, publisher = {USENIX Association}, month = jul } @inproceedings {204155, author = {William Melicher and Blase Ur and Saranga Komanduri and Lujo Bauer and Nicolas Christin and Lorrie Faith Cranor}, title = {Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks}, booktitle = {2017 USENIX Annual Technical Conference (USENIX ATC 17)}, year = {2017}, address = {Santa Clara, CA}, url = {https://www.usenix.org/conference/atc17/technical-sessions/presentation/melicher}, publisher = {USENIX Association}, month = jul } @inproceedings {203866, author = {Yuan Tian and Nan Zhang and Yueh-Hsun Lin and XiaoFeng Wang and Blase Ur and Xianzheng Guo and Patrick Tague}, title = {{SmartAuth}: {User-Centered} Authorization for the Internet of Things}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {361--378}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/tian}, publisher = {USENIX Association}, month = aug } @inproceedings {197243, author = {William Melicher and Blase Ur and Sean M. Segreti and Saranga Komanduri and Lujo Bauer and Nicolas Christin and Lorrie Faith Cranor}, title = {Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks}, booktitle = {25th USENIX Security Symposium (USENIX Security 16)}, year = {2016}, isbn = {978-1-931971-32-4}, address = {Austin, TX}, pages = {175--191}, url = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/melicher}, publisher = {USENIX Association}, month = aug } @inproceedings {192379, author = {Blase Ur and Fumiko Noma and Jonathan Bees and Sean M. Segreti and Richard Shay and Lujo Bauer and Nicolas Christin and Lorrie Faith Cranor}, title = {"I Added {\textquoteright}!{\textquoteright} at the End to Make It Secure": Observing Password Creation in the Lab}, booktitle = {Eleventh Symposium On Usable Privacy and Security (SOUPS 2015)}, year = {2015}, isbn = {978-1-931971-249}, address = {Ottawa}, pages = {123--140}, url = {https://www.usenix.org/conference/soups2015/proceedings/presentation/ur}, publisher = {USENIX Association}, month = jul } @inproceedings {190978, author = {Blase Ur and Sean M. Segreti and Lujo Bauer and Nicolas Christin and Lorrie Faith Cranor and Saranga Komanduri and Darya Kurilova and Michelle L. Mazurek and William Melicher and Richard Shay}, title = {Measuring {Real-World} Accuracies and Biases in Modeling Password Guessability}, booktitle = {24th USENIX Security Symposium (USENIX Security 15)}, year = {2015}, isbn = {978-1-939133-11-3}, address = {Washington, D.C.}, pages = {463--481}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/ur}, publisher = {USENIX Association}, month = aug } @inproceedings {185284, author = {Lorrie Faith Cranor and Adam L. Durity and Abigail Marsh and Blase Ur}, title = {{Parents{\textquoteright}} and {Teens{\textquoteright}} Perspectives on Privacy In a {Technology-Filled} World}, booktitle = {10th Symposium On Usable Privacy and Security (SOUPS 2014)}, year = {2014}, isbn = {978-1-931971-13-3}, address = {Menlo Park, CA}, pages = {19--35}, url = {https://www.usenix.org/conference/soups2014/proceedings/presentation/cranor}, publisher = {USENIX Association}, month = jul } @inproceedings {180204, author = {Blase Ur and Patrick Gage Kelley and Saranga Komanduri and Joel Lee and Michael Maass and Michelle L. Mazurek and Timothy Passaro and Richard Shay and Timothy Vidas and Lujo Bauer and Nicolas Christin and Lorrie Faith Cranor}, title = {How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation}, booktitle = {21st USENIX Security Symposium (USENIX Security 12)}, year = {2012}, isbn = {978-931971-95-9}, address = {Bellevue, WA}, pages = {65--80}, url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/ur}, publisher = {USENIX Association}, month = aug }