[Speaker] October 10th – Blase Ur, University of Chicago

October 1, 2017

Time: Tuesday, October 10th, 2017, 11:00 am-12:00 pm

Location: 4405 Siebel Center

Title: Helping Users Make Better Passwords Through Data-Driven Methods

Abstract: Despite decades of research into developing security advice and interfaces, users still struggle to make passwords. This talk will survey our work using data-driven methods to help users do better. I will first describe how we modeled password-guessing attacks and subsequently investigated whether users’ perceptions of password security match reality. Afterwards, I will present our design and evaluation of a user-centered, data-driven password meter. Using neural networks, we created a fast, compact, and accurate model of password guessing. We augmented this approach with carefully combined heuristics to construct a password meter that explains to users what is wrong with their password or how to improve it. Through a large-scale online study, we found that such a meter leads users to create much more secure passwords without significantly impacting memorability. I will conclude by describing ongoing work applying data-driven techniques more broadly in supporting security and privacy decisions.

Biography: Blase Ur is Neubauer Family Assistant Professor of Computer Science at the University of Chicago, where he and his students are the Security, Usability, and Privacy Education & Research group (SUPERgroup). His recent work focuses on data-driven methods to help users make better security and privacy decisions, in addition to improving the usability of complex computer systems. He received best paper awards at CHI 2017, USENIX Security 2016, and UbiComp 2014, as well as honorable mentions at CHI 2016 and CHI 2012. He holds a Ph.D. and an M.S. from Carnegie Mellon University, as well as an A.B. from Harvard University.

© Copyright 2013. HCI Group at UIUC, All rights reserved. Site designed by Academic Web Pages