Jan 10 2011

Usable Security

Published by

Usable security is a new research area combining human-computer interaction (HCI) and computer security. It aims to design “secure systems that people can use” and recognizes that even the most secure system will fail if it is used incorrectly or bypassed by users. It is especially important to consider user interaction when designing a security system because the consequences of an unusable system can lead to “dangerous errors”, i.e. errors that may have negative consequences with respect to security. Our work has focused on user authentication. In particular, we have conducted studies on password managers and graphical password systems, using in-lab experiments, interviews, and larger field studies. We are also investigating some of the broader issues related to usable security, namely users’ mental models of security and how these impact usability, the role of persuasion in security interfaces, and the nature of identity theft. We are also exploring how computer game design might inform usable security, so there is cross-over with our games and hypermedia research. Honours: The award for best paper at SOUPS 2007 (the ACM Symposium on Usable Privacy and Security) went to our paper: A Second Look at the Usability of Click-based Graphical Passwords

pccp expt Picture 4


Current Graduate Students

 Also see our Publications