[69]
Elissa M. Redmiles. “Should I Worry?” A Cross-
Cultural Examination of Account Security Incident Re-
sponse. In IEEE Symposium on Security and Privacy,
SP ’19, pages 920–934, San Francisco, California, USA,
May 2019. IEEE.
[70]
Elissa M. Redmiles, Neha Chachra, and Brian Wais-
meyer. Examining the Demand for Spam: Who Clicks?
In ACM Conference on Human Factors in Computing
Systems, CHI ’18, pages 212:1–212:10, Montreal, Que-
bec, Canada, April 2018. ACM.
[71]
Elissa M. Redmiles, Everest Liu, and Michelle L.
Mazurek. You Want Me To Do What? A Design
Study of Two-Factor Authentication Messages. In
Who Are You?! Adventures in Authentication Workshop,
WAY ’17, pages 1–5, Santa Clara, California, USA,
August 2017.
[72]
Elissa M. Redmiles, Amelia R. Malone, and Michelle L.
Mazurek. I Think They’re Trying to Tell Me Something:
Advice Sources and Selection for Digital Security. In
IEEE Symposium on Security and Privacy, SP ’16, pages
272–288, San Jose, California, USA, May 2016. IEEE.
[73]
Elissa M. Redmiles, Michelle L. Mazurek, and John P.
Dickerson. Dancing Pigs or Externalities? Measuring
the Rationality of Security Decisions. In ACM Confer-
ence on Economics and Computation, EC ’18, pages
215–232, Ithaca, New York, USA, June 2018. ACM.
[74]
Robert W. Reeder, Adrienne Porter Felt, Sunny Con-
solvo, Nathan Malkin, Christopher Thompson, and
Serge Egelman. An Experience Sampling Study of
User Reactions to Browser Warnings in the Field. In
ACM Conference on Human Factors in Computing Sys-
tems, CHI ’18, pages 512:1–512:13, Montreal, Quebec,
Canada, April 2018. ACM.
[75]
Ken Reese, Trevor Smith, Jonathan Dutson, Jonathan
Armknecht, Jacob Cameron, and Kent Seamons. A Us-
ability Study of Five Two-Factor Authentication Meth-
ods. In Symposium on Usable Privacy and Security,
SOUPS ’19, pages 357–370, Santa Clara, California,
USA, August 2019. USENIX.
[76]
Joshua Reynolds, Nikita Samarin, Joseph Barnes, Taylor
Judd, Joshua Mason, Michael Bailey, and Serge Egel-
man. Empirical Measurement of Systemic 2FA Usabil-
ity. In USENIX Security Symposium, SSYM ’20, pages
127–143, Virtual Conference, August 2020. USENIX.
[77]
Joshua Reynolds, Trevor Smith, Ken Reese, Luke Dick-
inson, Scott Ruoti, and Kent E. Seamons. A Tale of
Two Studies: The Best and Worst of YubiKey Usability.
In IEEE Symposium on Security and Privacy, SP ’18,
pages 872–888, San Francisco, California, USA, May
2018. IEEE.
[78]
Ronald W. Rogers and Steven Prentice-Dunn. Protec-
tion Motivation Theory. In David S. Gochman, editor,
Handbook of Health Behavior Research I: Personal and
Social Determinants, pages 113–132. Plenum Press,
New York, New York, USA, August 1997.
[79]
Scott Ruoti, Nathan Kim, Ben Burgon, Timothy van der
Horst, and Kent Seamons. Confused Johnny: When
Automatic Encryption Leads to Confusion and Mis-
takes. In Symposium on Usable Privacy and Security,
SOUPS ’13, pages 5:1–5:12, Newcastle, United King-
dom, July 2013. ACM.
[80]
Navdeep S. Sahni, S. Christian Wheeler, and Pradeep K.
Chintagunta. Personalization in Email Marketing: The
Role of Non-Informative Advertising Content. Techni-
cal Report 3409, Stanford University Graduate School
of Business, February 2016.
[81]
Steve Sheng, Bryant Magnien, Ponnurangam Ku-
maraguru, Alessandro Acquisti, Lorrie Faith Cranor,
Jason Hong, and Elizabeth Nunge. Anti-Phishing Phil:
The Design and Evaluation of a Game That Teaches
People Not to Fall for Phish. In Symposium on Us-
able Privacy and Security, SOUPS ’07, pages 88–99,
Pittsburgh, Pennsylvania, USA, July 2007. ACM.
[82]
Imani N. Sherman, Elissa M. Redmiles, and Jack W.
Stokes. Designing Indicators to Combat Fake Media.
CoRR, abs/2010.00544:1–26, October 2020.
[83]
Brian Stanton, Mary F. Theofanos, Sandra Spickard
Prettyman, and Susanne Furman. Security Fatigue. IT
Professional, 18(5):26–32, September 2016.
[84]
Dennis Strouble, Gregory M. Shechtman, and Alan S.
Alsop. Productivity and Usability Effects of Using a
Two-Factor Security System. In Southern Association
for Information Systems Conference, SAIS ’09, pages
196–201, Charleston, South Carolina, USA, March
2009. AIS.
[85]
Mary Theofanos, Simson Garfinkel, and Yee-Yin
Choong. Secure and Usable Enterprise Authentica-
tion: Lessons from the Field. IEEE Security & Privacy,
14(5):14–21, September 2016.
[86]
Kurt Thomas, Jennifer Pullman, Kevin Yeo, Ananth
Raghunathan, Patrick Gage Kelley, Luca Invernizzi,
Borbala Benko, Tadek Pietraszek, Sarvar Patel, Dan
Boneh, and Elie Bursztein. Protecting Accounts From
Credential Stuffing With Password Breach Alerting.
In USENIX Security Symposium, SSYM ’19, pages
1556–1571, Santa Clara, California, USA, August 2019.
USENIX.
USENIX Association 30th USENIX Security Symposium 125