Communications of the ACM
Users' conceptions of web security: a comparative study
CHI '02 Extended Abstracts on Human Factors in Computing Systems
Informed Consent in the Mozilla Browser: Implementing Value Sensitive Design
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 8 - Volume 8
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Do security toolbars actually prevent phishing attacks?
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Security user studies: methodologies and best practices
CHI '07 Extended Abstracts on Human Factors in Computing Systems
PrivateBits: managing visual privacy in web browsers
GI '07 Proceedings of Graphics Interface 2007
End-user privacy in human-computer interaction
Foundations and Trends in Human-Computer Interaction
ACM SIGACT News
A framework for reasoning about the human in the loop
UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
RUST: a retargetable usability testbed for website authentication technologies
UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
Exploring User Reactions to New Browser Cues for Extended Validation Certificates
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Threat Modelling in User Performed Authentication
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Timing is everything?: the effects of timing and placement of online privacy indicators
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Enhancing research into usable privacy and security
Proceedings of the 27th ACM international conference on Design of communication
Browser interfaces and extended validation SSL certificates: an empirical study
Proceedings of the 2009 ACM workshop on Cloud computing security
BogusBiter: A transparent protection against phishing attacks
ACM Transactions on Internet Technology (TOIT)
An evaluation of extended validation and picture-in-picture phishing attacks
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
What instills trust? a qualitative study of phishing
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Crying wolf: an empirical study of SSL warning effectiveness
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
TLS man-in-the-middle laboratory exercise for network security education
Proceedings of the 2010 ACM conference on Information technology education
Informing security indicator design in web browsers
Proceedings of the 2011 iConference
Reinforcing bad behaviour: the misuse of security indicators on popular websites
Proceedings of the 22nd Conference of the Computer-Human Interaction Special Interest Group of Australia on Computer-Human Interaction
Does domain highlighting help people identify phishing sites?
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Measuring and predicting web login safety
Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack
An empirical study of visual security cues to prevent the SSLstripping attack
Proceedings of the 27th Annual Computer Security Applications Conference
Proceedings of the Seventh Symposium on Usable Privacy and Security
TrustSplit: usable confidentiality for social network messaging
Proceedings of the 23rd ACM conference on Hypertext and social media
A Value Sensitive Design Investigation of Privacy Enhancing Tools in Web Browsers
Decision Support Systems
Measuring SSL indicators on mobile browsers: extended life, or end of the road?
ISC'12 Proceedings of the 15th international conference on Information Security
Comparative eye tracking of experts and novices in web single sign-on
Proceedings of the third ACM conference on Data and application security and privacy
Supporting visual security cues for WebView-based Android apps
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Here's my cert, so trust me, maybe?: understanding TLS errors on the web
Proceedings of the 22nd international conference on World Wide Web
Alice in warningland: a large-scale field study of browser security warning effectiveness
SEC'13 Proceedings of the 22nd USENIX conference on Security
Hi-index | 0.00 |
Web browsers support secure online transactions, and provide visual feedback mechanisms to inform the user about security. These mechanisms have had little evaluation to determine how easily they are noticed and how effectively they are used. This paper describes a preliminary study conducted to determine which elements are noted, which are ignored, and how easily they are found. We collected eyetracker data to study user's attention to browser security, and gathered additional subjective data through questionnaires. Our results demonstrated that while the lock icon is commonly viewed, its interactive capability is essentially ignored. We also found that certificate information is rarely used, and that people stop looking for security information after they have signed into a site. These initial results provide insights into how browser security cues might be improved.