Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness

Melanie Volkamer; Karen Renaud; Kristoffer Braun; Gamze Canova; Benjamin Reinheimer

doi:10.1007/978-3-319-22846-4_7

Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness

Melanie Volkamer, Karen Renaud, Kristoffer Braun, Gamze Canova, Benjamin Reinheimer

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

10 Citations (Scopus)

Abstract

This paper presents PassSec, a Firefox Add-on that raises user awareness about safe and unsafe password entry while they surf the web. PassSec comprises a two-stage approach: highlighting as the web page loads, then bringing up a just-in-time helpful dialogue when the user demonstrates an intention to enter a password on an unsafe web page. PassSec was developed using a human-centred design approach. We performed a field study with 31 participants that showed that PassSec significantly reduces the number of logins on websites where password entry is unsafe.

Original language	English
Title of host publication	Trust and Trustworthy Computing: 8th International Conference, TRUST 2015
Editors	Mauro Conti, Matthias Schunter, Ioannis Askoxylakis
Place of Publication	Cham
Publisher	Springer
Pages	104-122
Number of pages	18
Volume	9229
Edition	1
ISBN (Electronic)	9783319228464
ISBN (Print)	9783319228457
DOIs	https://doi.org/10.1007/978-3-319-22846-4_7
Publication status	Published - 26 Aug 2015
Event	International Conference on Trust and Trustworthy Computing - Heraklion, Greece Duration: 24 Aug 2015 → 26 Aug 2015 https://www.bing.com/search?form=MOZLBR&pc=MOZI&q=International+Conference+on+Trust+and+Trustworthy+Computing+2015

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	9229
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	International Conference on Trust and Trustworthy Computing
Country/Territory	Greece
City	Heraklion
Period	24/08/15 → 26/08/15
Internet address	https://www.bing.com/search?form=MOZLBR&pc=MOZI&q=International+Conference+on+Trust+and+Trustworthy+Computing+2015

Keywords

PassSec
embedded systems
hardware attacks and countermeasures
hardware-based security protocols
mobile systems
human-centered design approach
physical unclonable functions
privacy-preserving protocols
reputation systems
security and privacy
security in hardware
security protocols
social network security and privacy
software security engineering
TPM 2.0
tamper-proof and tamper-resistant designs
trust models
trusted computing
trusted platform module
trustworthy computing
dialogue help
password field

Access to Document

10.1007/978-3-319-22846-4_7

Cite this

Volkamer, M., Renaud, K., Braun, K., Canova, G., & Reinheimer, B. (2015). Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness. In M. Conti, M. Schunter, & I. Askoxylakis (Eds.), Trust and Trustworthy Computing: 8th International Conference, TRUST 2015 (1 ed., Vol. 9229, pp. 104-122). (Lecture Notes in Computer Science; Vol. 9229). Springer. https://doi.org/10.1007/978-3-319-22846-4_7

Volkamer, Melanie ; Renaud, Karen ; Braun, Kristoffer et al. / Design and Field Evaluation of PassSec : Raising and Sustaining Web Surfer Risk Awareness. Trust and Trustworthy Computing: 8th International Conference, TRUST 2015. editor / Mauro Conti ; Matthias Schunter ; Ioannis Askoxylakis. Vol. 9229 1. ed. Cham : Springer, 2015. pp. 104-122 (Lecture Notes in Computer Science).

@inproceedings{2803cc2499cc43928aac24b68e29fa9a,

title = "Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness",

abstract = " This paper presents PassSec, a Firefox Add-on that raises user awareness about safe and unsafe password entry while they surf the web. PassSec comprises a two-stage approach: highlighting as the web page loads, then bringing up a just-in-time helpful dialogue when the user demonstrates an intention to enter a password on an unsafe web page. PassSec was developed using a human-centred design approach. We performed a field study with 31 participants that showed that PassSec significantly reduces the number of logins on websites where password entry is unsafe.",

keywords = "PassSec, embedded systems, hardware attacks and countermeasures, hardware-based security protocols, mobile systems, human-centered design approach, physical unclonable functions, privacy-preserving protocols, reputation systems, security and privacy, security in hardware, security protocols, social network security and privacy, software security engineering, TPM 2.0, tamper-proof and tamper-resistant designs, trust models, trusted computing, trusted platform module, trustworthy computing, dialogue help, password field",

author = "Melanie Volkamer and Karen Renaud and Kristoffer Braun and Gamze Canova and Benjamin Reinheimer",

year = "2015",

month = aug,

day = "26",

doi = "10.1007/978-3-319-22846-4_7",

language = "English",

isbn = "9783319228457",

volume = "9229",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "104--122",

editor = "Conti, {Mauro } and Schunter, {Matthias } and Askoxylakis, {Ioannis }",

booktitle = "Trust and Trustworthy Computing: 8th International Conference, TRUST 2015",

edition = "1",

note = "International Conference on Trust and Trustworthy Computing ; Conference date: 24-08-2015 Through 26-08-2015",

url = "https://www.bing.com/search?form=MOZLBR&pc=MOZI&q=International+Conference+on+Trust+and+Trustworthy+Computing+2015",

}

Volkamer, M, Renaud, K, Braun, K, Canova, G & Reinheimer, B 2015, Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness. in M Conti, M Schunter & I Askoxylakis (eds), Trust and Trustworthy Computing: 8th International Conference, TRUST 2015. 1 edn, vol. 9229, Lecture Notes in Computer Science, vol. 9229, Springer, Cham, pp. 104-122, International Conference on Trust and Trustworthy Computing, Heraklion, Greece, 24/08/15. https://doi.org/10.1007/978-3-319-22846-4_7

Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness. / Volkamer, Melanie; Renaud, Karen; Braun, Kristoffer et al.
Trust and Trustworthy Computing: 8th International Conference, TRUST 2015. ed. / Mauro Conti; Matthias Schunter; Ioannis Askoxylakis. Vol. 9229 1. ed. Cham: Springer, 2015. p. 104-122 (Lecture Notes in Computer Science; Vol. 9229).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

TY - GEN

T1 - Design and Field Evaluation of PassSec

T2 - International Conference on Trust and Trustworthy Computing

AU - Volkamer, Melanie

AU - Renaud, Karen

AU - Braun, Kristoffer

AU - Canova, Gamze

AU - Reinheimer, Benjamin

PY - 2015/8/26

Y1 - 2015/8/26

N2 - This paper presents PassSec, a Firefox Add-on that raises user awareness about safe and unsafe password entry while they surf the web. PassSec comprises a two-stage approach: highlighting as the web page loads, then bringing up a just-in-time helpful dialogue when the user demonstrates an intention to enter a password on an unsafe web page. PassSec was developed using a human-centred design approach. We performed a field study with 31 participants that showed that PassSec significantly reduces the number of logins on websites where password entry is unsafe.

AB - This paper presents PassSec, a Firefox Add-on that raises user awareness about safe and unsafe password entry while they surf the web. PassSec comprises a two-stage approach: highlighting as the web page loads, then bringing up a just-in-time helpful dialogue when the user demonstrates an intention to enter a password on an unsafe web page. PassSec was developed using a human-centred design approach. We performed a field study with 31 participants that showed that PassSec significantly reduces the number of logins on websites where password entry is unsafe.

KW - PassSec

KW - embedded systems

KW - hardware attacks and countermeasures

KW - hardware-based security protocols

KW - mobile systems

KW - human-centered design approach

KW - physical unclonable functions

KW - privacy-preserving protocols

KW - reputation systems

KW - security and privacy

KW - security in hardware

KW - security protocols

KW - social network security and privacy

KW - software security engineering

KW - TPM 2.0

KW - tamper-proof and tamper-resistant designs

KW - trust models

KW - trusted computing

KW - trusted platform module

KW - trustworthy computing

KW - dialogue help

KW - password field

U2 - 10.1007/978-3-319-22846-4_7

DO - 10.1007/978-3-319-22846-4_7

M3 - Conference contribution book

SN - 9783319228457

VL - 9229

T3 - Lecture Notes in Computer Science

SP - 104

EP - 122

BT - Trust and Trustworthy Computing: 8th International Conference, TRUST 2015

A2 - Conti, Mauro

A2 - Schunter, Matthias

A2 - Askoxylakis, Ioannis

PB - Springer

CY - Cham

Y2 - 24 August 2015 through 26 August 2015

ER -

Volkamer M, Renaud K, Braun K, Canova G, Reinheimer B. Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness. In Conti M, Schunter M, Askoxylakis I, editors, Trust and Trustworthy Computing: 8th International Conference, TRUST 2015. 1 ed. Vol. 9229. Cham: Springer. 2015. p. 104-122. (Lecture Notes in Computer Science). Epub 2015 Jan 1. doi: 10.1007/978-3-319-22846-4_7

Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this