| USENIX Security 2024 |
Data Subjects' Reactions to Exercising their Right of Access
Arthur Borem, Elleen Pan, Olufunmilola Obielodan, Aurelie Roubinowitz, Luca Dovichi, Michelle L. Mazurek, Blase Ur. Proceedings of the 33rd USENIX Security Symposium. Philadelphia, PA, August 2024. [ Paper ] |
| USENIX Security 2024 |
Why Aren't We Using Passkeys? Obstacles Companies Face Deploying FIDO2 Passwordless Authentication
Leona Lassak, Elleen Pan, Blase Ur, Maximilian Golla. Proceedings of the 33rd USENIX Security Symposium. Philadelphia, PA, August 2024. [ Paper | Extended Version | Press ] |
| PETS 2024 |
What Does It Mean to Be Creepy? Responses to Visualizations of Personal Browsing Activity, Online Tracking, and Targeted Ads
Nathan Reitinger, Bruce Wen, Michelle L. Mazurek, Blase Ur. Proceedings on Privacy Enhancing Technologies 2024(3). Bristol, UK, July 2024. [ Paper ] |
| EuroS&P 2024 Distinguished Paper Award Runner-Up |
Can Allowlists Capture the Variability of Home IoT Device Network Behavior?
Weijia He, Kevin Bryson, Ricardo Calderon, Vijay Prakash, Nick Feamster, Danny Yuxing Huang, Blase Ur. Proceedings of the 9th IEEE European Symposium on Security and Privacy (EuroS&P). Vienna, Austria, July 2024. [ Paper | Slides ] |
| ConPro 2024 |
Evaluation of Ad Transparency Systems
Kevin Bryson, Arthur Borem, Phoebe Moh, Omer Akgul, Laura Edelson, Chris Geeng, Tobias Lauinger, Michelle Mazurek, Damon McCoy, Blase Ur. Proceedings of the 8th Workshop on Technology and Consumer Protection (ConPro). San Francisco, CA, May 2024. [ Extended Abstract ] |
| CHI 2024 Best Paper Award |
JupyterLab in Retrograde: Contextual Notifications That Highlight Fairness and Bias Issues for Data Scientists
Galen Harrison, Kevin Bryson, Ahmad Emmanuel Balla Bamba, Luca Dovichi, Aleksander Herrmann Binion, Arthur Borem, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Online, May 2024. [ Paper ] |
| CCS 2023 |
Comprehension from Chaos: Towards Informed Consent for Private Computation
Bailey Kacsmar, Vasisht Duddu, Kyle Tilbury, Blase Ur, Florian Kerschbaum. Proceedings of the 30th ACM Conference on Computer and Communications Security (CCS). Copenhagen, Denmark, November 2023. [ Paper ] |
| WPES 2023 |
Analysis of Google Ads Settings Over Time: Updated, Individualized, Accurate, and Filtered
Nathan Reitinger, Bruce Wen, Michelle Mazurek, Blase Ur. Proceedings of the 22nd Workshop on Privacy in the Electronic Society (WPES). Copenhagen, Denmark, November 2023. [ Paper ] |
| USENIX Security 2023 Distinguished Paper Award |
A Two-Decade Retrospective Analysis of a University's Vulnerability to Attacks Exploiting Reused Passwords
Alexandra Nisenoff, Maximilian Golla, Miranda Wei, Juliette Hainline, Hayley Szymanek, Annika Braun, Annika Hildebrandt, Blair Christensen, David Langenberg, Blase Ur. Proceedings of the 32nd USENIX Security Symposium. Anaheim, CA, August 2023. [ Paper | Extended Version ] |
| USENIX Security 2023 |
Defining "Broken": User Experiences and Remediation Tactics When Ad-Blocking or Tracking-Protection Tools Break a Website's User Experience
Alexandra Nisenoff, Arthur Borem, Madison Pickering, Grant Nakanishi, Maya Thumpasery, Blase Ur. Proceedings of the 32nd USENIX Security Symposium. Anaheim, CA, August 2023. [ Paper ] |
| USENIX ;login: Magazine 2023 |
Measuring the Risk Password Reuse Poses for a University
Alexandra Nisenoff, Maximilian Golla, Blase Ur. USENIX ;login: magazine. July 27, 2023. [ Article | Authors' Copy ] |
| (Poster) SOUPS 2023 |
Poster: MARI: Semi-Automated, Human-in-the-Loop Redaction of Text Corpora
Emma I. C. Peterson, Valerie Zhao, Dan Byrne, Blase Ur. Proceedings of the Nineteenth Symposium On Usable Privacy and Security (SOUPS). Anaheim, CA, August 2023. [ Extended Abstract | Poster ] |
| IMWUT 2022 (UbiComp 2023) |
Helping Users Debug Trigger-Action Programs
Lefan Zhang, Cyrus Zhou, Michael L. Littman, Blase Ur, Shan Lu. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 6, 4, Article 196, December 2022. Melbourne, Australia, September 2023. [ Paper ] |
| UIST 2022 |
Summarizing Sets of Related ML-Driven Recommendations for Improving File Management in Cloud Storage
Will Brackenbury, Kyle Chard, Aaron Elmore, Blase Ur. Proceedings of the 35th ACM Symposium on User Interface Software and Technology (UIST). Bend, OR, October 2022. [ Paper ] |
| USENIX Security 2022 |
"The Same PIN, Just Longer": On the (In)Security of Upgrading PINs from 4 to 6 Digits
Collins W. Munyendo, Philipp Markert, Alexandra Nisenoff, Miles Grant, Elena Korkes, Blase Ur, Adam J. Aviv. Proceedings of the 31st USENIX Security Symposium. Boston, MA, August 2022. [ Paper ] |
| NAACL 2022 |
Explaining Why: How Instructions and User Interfaces Impact Annotator Rationales When Labeling Text Data
Jamar L. Sullivan Jr., Will Brackenbury, Andrew McNutt, Kevin Bryson, Kwam Byll, Yuxin Chen, Michael L. Littman, Chenhao Tan, Blase Ur. Proceedings of the 2022 Annual Conference of the North American Chapter of the Association for Computational Linguistics (NAACL). Seattle, WA, July 2022. [ Paper ] |
| (Poster) RLDM 2022 |
Supporting End Users in Defining Reinforcement-Learning Problems for Human-Robot Interactions
Valerie Zhao, Michael L. Littman, Shan Lu, Sarah Sebo, Blase Ur. Extended Abstracts of the Fifth Multi-disciplinary Conference on Reinforcement Learning and Decision Making (RLDM). Providence, RI, June 2022. [ Extended Abstract ] |
| WPES 2021 |
From Secure to Military-Grade: Exploring the Effect of App Descriptions on User Perceptions of Secure Messaging
Omer Akgul, Ruba Abu-Salma, Wei Bai, Elissa M. Redmiles, Michelle L. Mazurek, Blase Ur. Proceedings of the 20th Workshop on Privacy in the Electronic Society (WPES). Online, November 2021. [ Paper ] |
| UIST 2021 |
KondoCloud: Improving Information Management in Cloud Storage via Recommendations Based on File Similarity
Will Brackenbury, Andrew McNutt, Kyle Chard, Aaron Elmore, Blase Ur. Proceedings of the 34th ACM Symposium on User Interface Software and Technology (UIST). Online, October 2021. [ Paper ] |
| IMWUT 2021 (UbiComp 2021) |
Who Am I? A Design Probe Exploring Real-Time Transparency About Online and Offline User Profiling Underlying Targeted Ads
Natã M. Barbosa, Gang Wang, Blase Ur, Yang Wang. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 5, 3, Article 88, September 2021. Online, September 2021. [ Paper ] |
| EuroS&P 2021 |
SoK: Context Sensing for Access Control in the Adversarial Home IoT
Weijia He, Valerie Zhao, Olivia Morkved, Sabeeka Siddiqui, Earlence Fernandes, Josiah Hester, Blase Ur. Proceedings of the 6th IEEE European Symposium on Security and Privacy (EuroS&P). Online, September 2021. [ Paper ] |
| USENIX Security 2021 |
"It's Stored, Hopefully, on an Encrypted Server": Mitigating Users' Misconceptions About FIDO2 Biometric WebAuthn
Leona Lassak, Annika Hildebrandt, Maximilian Golla, Blase Ur. Proceedings of the 30th USENIX Security Symposium. Online, August 2021. [ Paper | Extended Version ] |
| USENIX Security 2021 |
Helping Users Automatically Find and Manage Sensitive, Expendable Files in Cloud Storage
Mohammad Taha Khan, Christopher Tran, Shubham Singh, Dimitri Vasilkov, Chris Kanich, Blase Ur, Elena Zheleva. Proceedings of the 30th USENIX Security Symposium. Online, August 2021. [ Paper ] |
| SOUPS 2021 |
Pursuing Usable and Useful Data Downloads Under GDPR/CCPA Access Rights via Co-Design
Sophie Veys, Daniel Serrano, Madison Stamos, Margot Herman, Nathan Reitinger, Michelle L. Mazurek, Blase Ur. Proceedings of the Seventeenth Symposium On Usable Privacy and Security (SOUPS). Online, August 2021. [ Paper ] |
| SOUPS 2021 |
User Perceptions of the Usability and Security of Smartphones as FIDO2 Roaming Authenticators
Kentrell Owens, Olabode Anise, Amanda Krauss, Blase Ur. Proceedings of the Seventeenth Symposium On Usable Privacy and Security (SOUPS). Online, August 2021. [ Paper ] |
| SOUPS 2021 |
On the Limited Impact of Visualizing Encryption: Perceptions of E2E Messaging Security
Christian Stransky, Dominik Wermke, Johanna Schrader, Nicolas Huaman, Yasemin Acar, Anna Lena Fehlhaber, Miranda Wei, Blase Ur, Sascha Fahl. Proceedings of the Seventeenth Symposium On Usable Privacy and Security (SOUPS). Online, August 2021. [ Paper ] |
| SIGIR 2021 |
Files of a Feather Flock Together? Measuring and Modeling How Users Perceive File Similarity in Cloud Storage
Will Brackenbury, Galen Harrison, Kyle Chard, Aaron Elmore, Blase Ur. Proceedings of the 44th International ACM SIGIR Conference on Research and Development in Information Retrieval (SIGIR). Online, July 2021. [ Paper ] |
| UMAP 2021 |
Do Users Have Contextual Preferences for Smartphone Power Management?
Sophie Welber, Valerie Zhao, Claire Dolin, Olivia Morkved, Henry Hoffmann, Blase Ur. Proceedings of the 29th Conference on User Modeling, Adaptation and Personalization (UMAP). Online, June 2021. [ Paper ] |
| ICWSM 2021 |
Perceptions of Retrospective Edits, Changes, and Deletion on Social Media
Günce Su Yılmaz, Fiona Gasaway, Blase Ur, Mainack Mondal. Proceedings of the Fifteenth International AAAI Conference on Web and Social Media (ICWSM). Online, June 2021. [ Paper ] |
| CHI 2021 Honorable Mention Award |
Understanding Trigger-Action Programs Through Novel Visualizations of Program Differences
Valerie Zhao, Lefan Zhang, Bo Wang, Michael L. Littman, Shan Lu, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Online, May 2021. [ Paper ] |
| CHI 2021 Honorable Mention Award |
Understanding the Security and Privacy Advice Given to Black Lives Matter Protesters
Maia J. Boyd, Jamar L. Sullivan Jr., Marshini Chetty, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Online, May 2021. [ Paper ] |
| IMWUT 2020 (UbiComp 2020) |
Trace2TAP: Synthesizing Trigger-Action Programs From Traces of Behavior
Lefan Zhang, Weijia He, Olivia Morkved, Valerie Zhao, Michael L. Littman, Shan Lu, Blase Ur. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 4, 3, Article 104, September 2020. Online, September 2020. [ Paper ] |
| USENIX Security 2020 |
What Twitter Knows: Characterizing Ad Targeting Practices, User Perceptions, and Ad Explanations Through Users' Own Twitter Data
Miranda Wei, Madison Stamos, Sophie Veys, Nathan Reitinger, Justin Goodman, Margot Herman, Dorota Filipczuk, Ben Weinshel, Michelle L. Mazurek, Blase Ur. Proceedings of the 29th USENIX Security Symposium. Online, August 2020. [ Paper | Appendix ] |
| WAY 2020 |
A Framework For Evaluating the Usability and Security of Smartphones as FIDO2 Roaming Authenticators
Kentrell Owens, Blase Ur, Olabode Anise. Proceedings of the Who Are You?! Adventures in Authentication 2020 Workshop (WAY). Online, August 2020. [ Paper ] |
| ConPro 2020 |
Designing Visualization and Exploration Tools for Data Access Under GDPR/CCPA
Sophie Veys, Madison Stamos, Nathan Reitinger, Michelle L. Mazurek, Blase Ur. Proceedings of the 4th Workshop on Technology and Consumer Protection (ConPro). Online, May 2020. [ Paper ] |
| CHI 2020 Honorable Mention Award |
Taking Data Out of Context to Hyper-Personalize Ads: Crowdworkers' Privacy Perceptions and Decisions to Disclose Private Information
Julia Hanson, Miranda Wei, Sophie Veys, Matthew Kugler, Lior Strahilevitz, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Online, April 2020. [ Paper ] |
| (Poster) CHI 2020 LBW |
Visualizing Differences to Improve End-User Understanding of Trigger-Action Programs
Valerie Zhao, Lefan Zhang, Bo Wang, Shan Lu, Blase Ur. Extended Abstracts of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI LBW). Online, April 2020. [ Extended Abstract ] |
| FAT* 2020 |
An Empirical Study on the Perceived Fairness of Realistic, Imperfect Machine Learning Models
Galen Harrison, Julia Hanson, Christine Jacinto, Julio Ramirez, Blase Ur. Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency (FAT*). Barcelona, Spain, January 2020. [ Paper ] |
| CCS 2019 |
Oh, the Places You've Been! User Reactions to Longitudinal Transparency About Third-Party Web Tracking and Inferencing
Ben Weinshel, Miranda Wei, Mainack Mondal, Euirim Choi, Shawn Shan, Claire Dolin, Michelle L. Mazurek, Blase Ur. Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS). London, UK, November 2019. [ Paper | Code ] |
| CCS 2019 |
Moving Beyond Set-It-And-Forget-It Privacy Settings on Social Media
Mainack Mondal, Günce Su Yılmaz, Noah Hirsch, Mohammad Taha Khan, Michael Tang, Christopher Tran, Chris Kanich, Blase Ur, Elena Zheleva. Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS). London, UK, November 2019. [ Paper ] |
| INTERACT 2019 |
Evidence Humans Provide When Explaining Data-Labeling Decisions
Judah Newman, Bowen Wang, Valerie Zhao, Amy Zeng, Michael L. Littman, Blase Ur. Proceedings of the 17th IFIP TC.13 International Conference on Human-Computer Interaction (INTERACT). Paphos, Cyprus, September 2019. [ Paper ] |
| IEEE S&P 2019 |
Reasoning Analytically About Password-Cracking Software
Enze Liu, Amanda Nakanishi, Maximilian Golla, David Cash, Blase Ur. Proceedings of the 40th IEEE Symposium on Security and Privacy (S&P / "Oakland"). San Francisco, CA, May 2019. [ Paper | Video preview | Code ] |
| SafeThings 2019 |
When Smart Devices Are Stupid: Negative Experiences Using Home Smart Devices
Weijia He, Jesse Martinez, Roshni Padhi, Lefan Zhang, Blase Ur. Proceedings of the IEEE Workshop on the Internet of Safe Things (SafeThings). San Francisco, CA, May 2019. [ Paper ] |
| ConPro 2019 |
Towards Considering and Documenting Algorithmic Fairness in the Data Science Workflow
Galen Harrison, Julia Hanson, Blase Ur. Proceedings of the 3rd Workshop on Technology and Consumer Protection (ConPro). San Francisco, CA, May 2019. [ Paper ] |
| CHI 2019 |
How Users Interpret Bugs in Trigger-Action Programming
Will Brackenbury, Abhimanyu Deora, Jillian Ritchey, Jason Vallee, Weijia He, Guan Wang, Michael L. Littman, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Glasgow, UK, May 2019. [ Paper | Appendix (regression tables, survey instrument) ] |
| ICSE 2019 |
AutoTap: Synthesizing and Repairing Trigger-Action Programs Using LTL Properties
Lefan Zhang, Weijia He, Jesse Martinez, Noah Brackenbury, Shan Lu, Blase Ur. Proceedings of the 41st ACM/IEEE International Conference on Software Engineering (ICSE). Montreal, QC, Canada, May 2019. [ Paper ] |
| CCS 2018 |
"What was that site doing with my Facebook password?" Designing Password-Reuse Notifications
Maximilian Golla, Miranda Wei, Juliette Hainline, Lydia Filipe, Markus Dürmuth, Elissa M. Redmiles, Blase Ur. Proceedings of the 25th ACM Conference on Computer and Communications Security (CCS). Toronto, ON, Canada, October 2018. [ Paper ] |
| USENIX Security 2018 |
Rethinking Access Control and Authentication for the Home Internet of Things (IoT)
Weijia He, Maximilian Golla, Roshni Padhi, Jordan Ofek, Markus Dürmuth, Earlence Fernandes, Blase Ur. Proceedings of the 27th USENIX Security Symposium. Baltimore, MD, August 2018. [ Paper | Press ] |
| WAY 2018 |
The Password Doesn't Fall Far: How Service Influences Password Choice
Miranda Wei, Maximilian Golla, Blase Ur. Proceedings of the Who Are You?! Adventures in Authentication 2018 Workshop (WAY). Baltimore, MD, August 2018. [ Paper ] |
| FOCI 2018 |
Exploring User Mental Models of End-to-End Encrypted Communication Tools
Ruba Abu-Salma, Elissa M. Redmiles, Blase Ur, Miranda Wei. Proceedings of the 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI). Baltimore, MD, August 2018. [ Paper | Press ] |
| WSSP 2018 |
Clap On, Clap Off: Usability of Authentication Methods in the Smart Home
Weijia He, Juliette Hainline, Roshni Padhi, Blase Ur. Proceedings of the Interactive Workshop on the Human Aspect of Smarthome Security and Privacy (WSSP). Baltimore, MD, August 2018. [ Paper ] |
| (Poster) SOUPS 2018 |
Poster: Making Retrospective Data Management Usable
Noah Hirsch, Chris Kanich, Mohammad Taha Khan, Xuefeng Liu, Mainack Mondal, Michael Tang, Christopher Tran, Blase Ur, William Wang, Günce Su Yilmaz, Elena Zheleva. Proceedings of the Fourteenth Symposium On Usable Privacy and Security (SOUPS). Baltimore, MD, August 2018. [ Extended Abstract | Poster ] |
| HILDA 2018 |
Draining the Data Swamp: A Similarity-based Approach
Will Brackenbury, Rui Liu, Mainack Mondal, Aaron Elmore, Blase Ur, Kyle Chard, Michael J. Franklin. Proceedings of the Workshop on Human-In-the-Loop Data Analytics (HILDA). Houston, TX, June 2018. [ Paper ] |
| CHI 2018 |
Unpacking Perceptions of Data-Driven Inferences
Underlying Online Targeting and Personalization
Claire Dolin, Ben Weinshel, Shawn Shan, Chang Min Hahn, Euirim Choi, Michelle L. Mazurek, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Montreal, QC, Canada, April 2018. [ Paper | Slides | Video preview ] |
| CHI 2018 |
Forgotten But Not Gone: Identifying the Need for Longitudinal Data Management in Cloud Storage
Mohammad Taha Khan, Maria Hyun, Chris Kanich, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Montreal, QC, Canada, April 2018. [ Paper ] |
| WWW 2018 |
Your Secrets Are Safe: How Browsers' Explanations Impact Misconceptions About Private Browsing Mode
Yuxi Wu, Panya Gupta, Miranda Wei, Yasemin Acar, Sascha Fahl, Blase Ur. Proceedings of the Web Conference (WWW). Lyon, France, April 2018. [ Paper | Slides | Press ] |
| USENIX ;login: Magazine 2017 |
Better Passwords Through Science (And Neural Networks)
William Melicher, Blase Ur, Sean M. Segreti, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. USENIX ;login: magazine. 42(4). Winter 2017. [ Article ] |
| USENIX Security 2017 |
SmartAuth: User-Centered Authorization for the Internet of Things
Yuan Tian, Nan Zhang, Yueh-Hsun Lin, Xiaofeng Wang, Blase Ur, Xianzheng Guo, Patrick Tague. Proceedings of the 26th USENIX Security Symposium. Vancouver, BC, Canada, August 2017. [ Paper ] |
| SOUPS 2017 |
Diversify to Survive: Making Passwords Stronger with Adaptive Policies
Sean M. Segreti, William Melicher, Saranga Komanduri, Darya Melicher, Richard Shay, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Michelle L. Mazurek. Proceedings of the Thirteenth Symposium On Usable Privacy and Security (SOUPS). Santa Clara, CA, July 2017. [ Paper ] |
| (Poster) SOUPS 2017 Distinguished Poster Award |
Poster: Data-Driven Transparency About Online Tracking
Euirim Choi, Claire Dolin, Aaron Goldman, Chang Min Hahn, Shawn Shan, Ben Weinshel, Michelle L. Mazurek, Blase Ur. Proceedings of the Thirteenth Symposium On Usable Privacy and Security (SOUPS). Santa Clara, CA, July 2017. [ Extended Abstract | Poster ] |
| (Poster) SOUPS 2017 |
Poster: Poking at the Cloud: Identifying Factors Behind Selective Cloud Uploading
Amanda Aizuss, Max Chen, Galen Harrison, Sotiri Komissopoulos, Blase Ur. Proceedings of the Thirteenth Symposium On Usable Privacy and Security (SOUPS). Santa Clara, CA, July 2017. [ Extended Abstract | Poster ] |
| CHI 2017 Best Paper Award |
Design and Evaluation of a Data-Driven Password Meter
Blase Ur, Felicia Alfieri, Maung Aung, Lujo Bauer, Nicolas Christin, Jessica Colnago, Lorrie Faith Cranor, Henry Dixon, Pardis Emami Naeini, Hana Habib, Noah Johnson, William Melicher. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Denver, CO, May 2017. [ Paper | Supplementary Material | Demo | Slides | Video preview | Code | Press ] |
| CHI 2017 |
Can Unicorns Help Users Compare Crypto Key Fingerprints?
Joshua Tan, Lujo Bauer, Joseph Bonneau, Lorrie Faith Cranor, Jeremy Thomas, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Denver, CO, May 2017. [ Paper | Video preview | The CryptoCorn on Twitter ] |
| USEC 2017 |
Password Creation in the Presence of Blacklists
Hana Habib, Jessica Colnago, William Melicher, Blase Ur, Sean Segreti, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. Proceedings of the NDSS Workshop on Usable Security 2017 (USEC). San Diego, CA, February 2017. [ Paper ] |
| PhD Thesis |
Supporting Password-Security Decisions with Data
Blase Ur. Carnegie Mellon University PhD Thesis. Pittsburgh, Pennsylvania, September 2016. [ Paper ] |
| USENIX Security 2016 Best Paper Award |
Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks
William Melicher, Blase Ur, Sean M. Segreti, Saranga Komanduri, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. Proceedings of the 25th USENIX Security Symposium. Austin, TX, August 2016. [ Paper | Video preview | Code ] |
| CHI 2016 Honorable Mention Award |
Do Users' Perceptions of Password Security Match Reality?
Blase Ur, Jonathan Bees, Sean M. Segreti, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). San Jose, CA, May 2016. [ Paper | Slides | Video preview | Press ] |
| CHI 2016 |
Trigger-Action Programming in the Wild: An Analysis of 200,000 IFTTT Recipes
Blase Ur, Melwyn Pak Yong Ho, Stephen Brawner, Jiyun Lee, Sarah Mennicken, Noah Picard, Diane Schulze, Michael L. Littman. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). San Jose, CA, May 2016. [ Paper | Slides | Video preview ] |
| CHI 2016 |
Usability and Security of Text Passwords on Mobile Devices
William Melicher, Darya Kurilova, Sean M. Segreti, Pranshu Kalvani, Richard Shay, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Michelle L. Mazurek. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). San Jose, CA, May 2016. [ Paper ] |
| TWEB 2016 |
A Large-Scale Evaluation of U.S. Financial Institutions' Standardized Privacy Notices
Lorrie Faith Cranor, Pedro Giovanni Leon, Blase Ur. ACM Transactions on the Web (TWEB) 10(3):17. 2016. [ Paper ] |
| TISSEC 2016 |
Designing Password Policies for Strength and Usability
Richard Shay, Saranga Komanduri, Adam L. Durity, Philip (Seyoung) Huh, Michelle L. Mazurek, Sean M. Segreti, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. ACM Transactions on Information and System Security (TISSEC) 18(4):13. 2016. [ Paper ] |
| USEC 2016 |
Watching Them Watching Me: Browser Extensions' Impact on User Privacy Awareness and Concern
Florian Schaub, Aditya Marella, Pranshu Kalvani, Blase Ur, Chao Pan, Emily Forney, Lorrie Faith Cranor. Proceedings of the NDSS Workshop on Usable Security 2016 (USEC). San Diego, California, February 2016. [ Paper ] |
| SPSM 2015 |
Supporting Privacy-Conscious App Update Decisions with User Reviews
Yuan Tian, Bin Liu, Weisi Dai, Blase Ur, Patrick Tague, and Lorrie Faith Cranor. Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices. Denver, CO, October 2015. [ Paper ] |
| USENIX Security 2015 |
Measuring Real-World Accuracies and Biases in Modeling Password Guessability
Blase Ur, Sean M. Segreti, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Saranga Komanduri, Darya Kurilova, Michelle L. Mazurek, William Melicher, Richard Shay. Proceedings of the 24th USENIX Security Symposium. Washington, DC, August 2015. [ Paper | Slides | Video preview | Password Guessability Service ] |
| SOUPS 2015 |
"I Added '!' at the End to Make It Secure": Observing Password Creation in the Lab
Blase Ur, Fumiko Noma, Jonathan Bees, Sean M. Segreti, Richard Shay, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. Proceedings of the Eleventh Symposium On Usable Privacy and Security (SOUPS). Ottawa, Canada, July 2015. [ Paper | Slides ] |
| CHI 2015 |
A Spoonful of Sugar? The Impact of Guidance and Feedback on Password-Creation Behavior
Richard Shay, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Alain Forget, Saranga Komanduri, Michelle L. Mazurek, William Melicher, Sean M. Segreti, Blase Ur. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Seoul, South Korea, April 2015. [ Paper | Slides | Press ] |
| USEC 2015 |
Biometric Authentication on iPhone and Android: Usability, Perceptions, and Influences on Adoption
Chandrasekhar Bhagavatula, Blase Ur, Kevin Iacovino, Su Mon Kywe, Lorrie Faith Cranor, Marios Savvides. Proceedings of the NDSS Workshop on Usable Security 2015 (USEC). San Diego, California, February 2015. [ Paper | Slides ] |
| UbiComp 2014 Best Paper Award |
Intruders Versus Intrusiveness: Teens' and Parents' Perspectives on Home-Entryway Surveillance
Blase Ur, Jaeyeon Jung, Stuart Schechter. Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp). Seattle, Washington, September 2014. [ Paper | Slides ] |
| SOUPS 2014 |
Parents' and Teens' Perspectives on Privacy In a Technology-Filled World
Lorrie Faith Cranor, Adam L. Durity, Abigail Marsh, Blase Ur. Proceedings of the Tenth Symposium On Usable Privacy and Security (SOUPS). Mountain View, California, July 2014. [ Paper ] |
| CHI 2014 |
Practical Trigger-Action Programming in the Smart Home
Blase Ur, Elyse McManus, Melwyn Pak Yong Ho, Michael L. Littman. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Toronto, ON, Canada, April 2014. [ Paper | Slides | Video preview | Press ] |
| CHI 2014 |
Can long passwords be secure and usable?
Richard Shay, Saranga Komanduri, Adam L. Durity, Philip (Seyoung) Huh, Michelle L. Mazurek, Sean M. Segreti, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Toronto, ON, Canada, April 2014. [ Paper ] |
| Book Chapter (2014) |
Chapter 5: Tracking and Surveillance
Lorrie Faith Cranor, Manya Sleeper, Blase Ur. Introduction to IT Privacy: A Handbook for Technologists. (Travis Breaux, Executive Editor.) IAPP, 2014. [ Unedited first draft ] |
| CCS 2013 |
Measuring Password Guessability for an Entire University
Michelle Mazurek, Saranga Komanduri, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Richard Shay, Blase Ur. Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). Berlin, Germany, November 2013. [ Paper | Press ] |
| WPES 2013 |
The Post Anachronism: The Temporal Dimension of Facebook Privacy
Lujo Bauer, Lorrie Faith Cranor, Saranga Komanduri, Michelle L. Mazurek, Michael K. Reiter, Manya Sleeper, Blase Ur. Proceedings of the 12th Workshop on Privacy in the Electronic Society. Berlin, Germany, November 2013. [ Paper | Slides ] |
| I/S Journal 2013 |
{Privacy, Privacidad, Приватност} Policies in Social Media: Providing Translated Privacy Notice
Blase Ur, Manya Sleeper, Lorrie Faith Cranor. I/S: A Journal of Law and Policy for the Information Society. 9(2): 201--243. Summer 2013 [ Paper | Link | How to cite in bibtex ] |
| SOUPS 2013 |
What Matters to Users? Factors that Affect Users’ Willingness to Share Information with Online Advertisers
Pedro G. Leon, Blase Ur, Yang Wang, Manya Sleeper, Rebecca Balebako, Richard Shay, Lujo Bauer, Mihai Christodorescu, Lorrie Faith Cranor. Proceedings of the Ninth Symposium On Usable Privacy and Security (SOUPS). Newcastle, UK, July 2013. [ Paper ] |
| HUPS 2013 |
The Current State of Access Control for Smart Devices in Homes
Blase Ur, Jaeyeon Jung, Stuart Schechter. Workshop on Home Usable Privacy and Security (HUPS). Newcastle, UK, July 2013. [ Paper | Slides | Press ] |
| WEIS 2013 |
Are They Actually Any Different? Comparing Thousands of Financial Institutions' Privacy Practices
Lorrie Faith Cranor, Kelly Idouchi, Pedro Giovanni Leon, Manya Sleeper, Blase Ur. Workshop on the Economics of Information Security (WEIS). Washington, DC, June 2013. [ Paper | Slides | Press] |
| (Poster) IEEE S&P 2013 |
Poster: The Art of Password Creation
Blase Ur, Saranga Komanduri, Richard Shay, Stephanos Matsumoto, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Michelle L. Mazurek, Timothy Vidas. IEEE Symposium on Security and Privacy (Oakland). San Francisco, California, May 2013. [ Extended Abstract | Poster ] |
| CHI 2013 |
"I read my Twitter the next morning and was astonished": A Conversational Perspective on Twitter Regrets
Manya Sleeper, Justin Cranshaw, Patrick Gage Kelley, Blase Ur, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Paris, France, May 2013. [ Paper ] |
| PSOSM 2013 |
A Cross-Cultural Framework for Protecting User Privacy in Online Social Media
Blase Ur and Yang Wang. WWW Workshop on Privacy and Security in Online Social Media (PSOSM). Rio de Janeiro, Brazil. May 2013. [ Paper | Slides ] |
| USENIX ;login: Magazine 2012 |
Helping Users Create Better Passwords
Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle L. Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Julio López. USENIX ;login: magazine. 37(6): 51--57. December 2012. [ Article ] |
| WPES 2012 |
What Do Online Behavioral Advertising Disclosures Communicate to Users?
Pedro G. Leon, Justin Cranshaw, Lorrie Faith Cranor, Jim Graves, Manoj Hastak, Blase Ur, Guzi Xu. Proceedings of the 11th Workshop on Privacy in the Electronic Society. Raleigh, North Carolina. October 2012. [ Paper | Pre-print Tech Report ] |
| USENIX Security 2012 |
How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation
Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. Proceedings of the 21st USENIX Security Symposium. Bellevue, Washington, August 2012. [ Paper | Slides ] |
| SOUPS 2012 |
Smart, Useful, Scary, Creepy: Perceptions of Online Behavioral Advertising
Blase Ur, Pedro G. Leon, Lorrie Faith Cranor, Richard Shay, Yang Wang. Proceedings of the Eighth Symposium On Usable Privacy and Security (SOUPS). Washington, D.C., July 2012. [ Paper | Slides ] |
| SOUPS 2012 |
Correct Horse Battery Staple: Exploring the Usability of System-Assigned Passphrases
Richard Shay, Patrick Gage Kelley, Saranga Komanduri, Michelle Mazurek, Blase Ur, Timothy Vidas, Lujo Bauer, Nicholas Christin, Lorrie Faith Cranor. Proceedings of the Eighth Symposium On Usable Privacy and Security (SOUPS). Washington, D.C., July 2012. [ Paper ] |
| CHI 2012 Honorable Mention Award |
Why Johnny Can't Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising
Pedro G. Leon, Blase Ur, Rebecca Balebako, Lorrie Faith Cranor, Richard Shay, Yang Wang. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Austin, Texas, May 2012. [ Paper | Extended Tech Report | Press] |
| CHI 2012 |
Tag, You Can See It! Using Tags for Access Control in Photo Sharing
Peter Klemperer, Yuan Liang, Michelle Mazurek, Manya Sleeper, Blase Ur, Lujo Bauer, Lorrie Faith Cranor, Nitin Gupta, Michael Reiter. Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI). Austin, Texas, May 2012. [ Paper ] |
| W2SP 2012 |
Measuring the Effectiveness of Privacy Tools for Limiting Behavioral Advertising
Rebecca Balebako, Pedro Leon, Richard Shay, Blase Ur, Yang Wang, Lorrie Faith Cranor. Web 2.0 Security and Privacy Workshop (W2SP). San Francisco, California, May 2012. [ Paper ] |
| PSOSM 2012 |
{Privacy, Privacidad, Приватност} Policies in Social Media: Providing Translated Privacy Notice
Blase Ur, Manya Sleeper, Lorrie Faith Cranor. WWW Workshop on Privacy and Security in Online Social Media (PSOSM). Lyon, France, April 2012. [ Paper | Slides | Press | How to cite in bibtex ] |
| iConference 2012 |
Online Social Networks in a Post-Soviet State: How Hungarians Protect and Share on Facebook
Blase Ur and Yang Wang. Proceedings of the iConference. Toronto, Ontario, Canada, February 2012. [ Paper | Slides ] |
| I/S Journal 2011 |
AdChoices? Compliance with Online Behavioral Advertising Notice and Choice Requirements
Saranga Komanduri, Richard Shay, Greg Norcie, Blase Ur, Lorrie Faith Cranor. I/S: A Journal of Law and Policy for the Information Society. 7(3): 603--638. 2011. [ Paper | Link | Extended Tech Report ] |
| HCII 2011 |
Scratchable Devices: User-Friendly Programming for Household Appliances
Jordan Ash, Monica Babes, Gal Cohen, Sameen Jalal, Sam Lichtenberg, Michael Littman, Phillip Quiza, Blase Ur, Emily Zhang. HCI International (HCII). Orlando, Florida, July 2011. [ Paper ] |
| (Poster) Scratch Conference 2010 |
Poster: Scratchable Devices: We'd Like to Teach The World to Code
Jordan Ash, Monica Babes, Gal Cohen, Sameen Jalal, Michael Littman, Luis Piloto, Phillip Quiza, Blase Ur. Scratch@MIT. Cambridge, Massachusetts, August 2010. [ Poster | Press ] |
| W2SP 2009 |
Evaluating Attack Amplification in Online Social Networks
Blase Ur and Vinod Ganapathy. Web 2.0 Security and Privacy Workshop (W2SP). Oakland, California, May 2009. [ Paper | Slides ] |
| Undergrad Thesis |
Privacy In Social Networking: A Usability Study
Blase Ur. Harvard University Undergraduate Thesis. Cambridge, Massachusetts, April 2007. [ Paper ] |