Tag Index

We are excited to announce that we have a paper accepted at CHI ‘22. “It Basically Started Using Me:” An Observational Study of Password Manager Usage. In this paper, we find that many users simultaneously use both a browser-based and a third-party manager, using each as a backup for the...

We just had two excellent presentations on our research given at ACSAC 2021! You can view these talks on their respective pages. First, The Emperor’s New Autofill Framework: A Security Analysis of Autofill on iOS and Android. This paper examines the security of password autofill frameworks built into Android and...

We are excited to have two papers accepted at ACSAC 2021! First, The Emperor’s New Autofill Framework: A Security Analysis of Autofill on iOS and Android. This paper examines the security of password autofill frameworks built into Android and iOS, finding significant issues with each. Second, Systematization of Password Manager...

We would like to congratulate Yunhe Feng for having his paper SenCAPTCHA: A Mobile-First CAPTCHA Using Orientation Sensors published at UbiComp 2020. SenCAPTCHA is a mobile-first CAPTCHA system that works by displaying an animal picture to the user and having them rotate their phone to move a ball into the...

We would like to congratulate Sean Oesch for having his paper That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers published at the 2020 USENIX Security Symposium. This evaluation looks at the security of thirteen popular password managers and covers...

Jeremy Clark recently presented on our systematization of knowledge on securing email SoK: Securing Email—A Stakeholder-Based Analysis at the 2021 International Conference on Financial Cryptography and Data Security (FC). This paper helps describe the evolution of secure email, the challenges preventing widespread adoption, and directions for future project. Click on...

Sean Oesch recently presented on his paper Understanding User Perceptions of Security and Privacy for Group Chat: A Survey of Users in the US and UK at the 2020 Annual Computer Security Applications Conference (ACSAC). This paper examines how users view secure group chat, identifying their key concerns, and exploring...

Sean Oesch recently presented on his paper That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers at the 2020 USENIX Security Symposium. You can watch the video here.

We are excited to announce that we have received two NSF grants supporting our research.