@inproceedings {291235, author = {Alexandra Nisenoff and Maximilian Golla and Miranda Wei and Juliette Hainline and Hayley Szymanek and Annika Braun and Annika Hildebrandt and Blair Christensen and David Langenberg and Blase Ur}, title = {A {Two-Decade} Retrospective Analysis of a University{\textquoteright}s Vulnerability to Attacks Exploiting Reused Passwords}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {5127--5144}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/nisenoff-retrospective}, publisher = {USENIX Association}, month = aug } @inproceedings {281234, author = {Philipp Markert and Theodor Schnitzler and Maximilian Golla and Markus D{\"u}rmuth}, title = {"As soon as it{\textquoteright}s a risk, I want to require {MFA"}: How Administrators Configure Risk-based Authentication}, booktitle = {Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)}, year = {2022}, isbn = {978-1-939133-30-4}, address = {Boston, MA}, pages = {483--501}, url = {https://www.usenix.org/conference/soups2022/presentation/markert}, publisher = {USENIX Association}, month = aug } @inproceedings {274582, author = {Florian M. Farke and David G. Balash and Maximilian Golla and Markus D{\"u}rmuth and Adam J. Aviv}, title = {Are Privacy Dashboards Good for End Users? Evaluating User Perceptions and Reactions to Google{\textquoteright}s My Activity}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {483--500}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/farke}, publisher = {USENIX Association}, month = aug } @inproceedings {274586, author = {Maximilian Golla and Grant Ho and Marika Lohmus and Monica Pulluri and Elissa M. Redmiles}, title = {Driving {2FA} Adoption at Scale: Optimizing {Two-Factor} Authentication Notification Design Patterns}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {109--126}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/golla}, publisher = {USENIX Association}, month = aug } @inproceedings {274547, author = {Leona Lassak and Annika Hildebrandt and Maximilian Golla and Blase Ur}, title = {"It{\textquoteright}s Stored, Hopefully, on an Encrypted Server{\textquoteright}{\textquoteright}: Mitigating Users{\textquoteright} Misconceptions About {FIDO2} Biometric {WebAuthn}}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {91--108}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/lassak}, publisher = {USENIX Association}, month = aug } @inproceedings {217501, author = {Weijia He and Maximilian Golla and Roshni Padhi and Jordan Ofek and Markus D{\"u}rmuth and Earlence Fernandes and Blase Ur}, title = {Rethinking Access Control and Authentication for the Home Internet of Things ({{{{{IoT}}}}})}, booktitle = {27th USENIX Security Symposium (USENIX Security 18)}, year = {2018}, isbn = {978-1-939133-04-5}, address = {Baltimore, MD}, pages = {255--272}, url = {https://www.usenix.org/conference/usenixsecurity18/presentation/he}, publisher = {USENIX Association}, month = aug }