[Colloq] Reminder (TODAY): Title: Improving Password Security and Usability with Data-Driven Approaches | Blase Ur, Carnegie Mellon University | 3/15/16 10:30-11:30am 366 WVH
Walker, Lashauna
la.walker at neu.edu
Tue Mar 15 07:37:41 EDT 2016
Title: Improving Password Security and Usability with Data-Driven Approaches
Speaker: Blase Ur, Carnegie Mellon University
Date: 3/15/16 Time: 10:30-11:30am Location: 366 WVH
Title: Improving Password Security and Usability with Data-Driven Approaches
Abstract:
Users often must make security and privacy decisions, yet are rarely equipped to do so. In my research, I aim to understand both computer systems and the humans who use them. Armed with this understanding, I design and build tools that help users protect their security and privacy.
In this talk, I will describe how I applied this research approach to password security and usability. As understanding what makes a password good or bad is crucial to this process, I will first discuss our work on metrics for password strength. These metrics commonly involve modeling password cracking, which we found often vastly underestimates passwords' vulnerability to cracking in the real world. We instead propose combining a series of carefully configured approaches, which we found to conservatively model real-world experts. We used these insights to implement a Password Guessability Service, which is already used by nearly two dozen research groups. I will then discuss our work on another key step to helping users create better passwords: understanding why humans create the passwords they do. I will focus on the impact of password-strength meters and users' perceptions of password security. By combining better metrics with an understanding of users, I show how we can design tools that guide users toward better passwords.
Bio:
Blase Ur is a Ph.D. candidate at Carnegie Mellon University's School of Computer Science, where he is advised by Lorrie Cranor. His research interests lie at the intersection of security, privacy, and human-computer interaction (HCI). In addition to his work on password security, he has studied numerous aspects of online privacy and the Internet of Things (IoT). Previously, he obtained his A.B. in Computer Science from Harvard University. He is the recipient of an NDSEG fellowship, a Fulbright scholarship, a Yahoo Key Scientific Challenges Award, the best paper award at UbiComp 2014, and honorable mentions for best paper at both CHI 2012 and CHI 2016.
Thank You.
LaShauna Walker
Events and Administrative Specialist
College of Computer and Information Science
Northeastern University
617-373-2763
Facebook<https://www.facebook.com/ccisatnu?ref=hl> | Instagram<https://instagram.com/ccisatnu/> | LinkedIn<https://www.linkedin.com/groups/Northeastern-University-College-Computer-Information-1943637?gid=1943637&mostPopular=&trk=tyah&trkInfo=idx%3A1-1-1%2CtarId%3A1426606862845%2Ctas%3ANortheastern+University+College+of+Com> | Twitter<https://twitter.com/CCISatNU>
More information about the Colloq
mailing list