Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SP
2007
IEEE
2007
IEEE
The Emperor's New Security Indicators
We evaluate website authentication measures that are designed to protect users from man-in-the-middle, ‘phishing’, and other site forgery attacks. We asked 67 bank customers to conduct common online banking tasks. Each time they logged in, we presented increasingly alarming clues that their connection was insecure. First, we removed HTTPS indicators. Next, we removed the participant’s site-authentication image—the customer-selected image that many websites now expect their users to verify before entering their passwords. Finally, we replaced the bank’s password-entry page with a warning page. After each clue, we determined whether participants entered their passwords or withheld them. We also investigate how a study’s design affects participant behavior: we asked some participants to play a role and others to use their own accounts and passwords. We also presented some participants with security-focused instructions. We confirm prior findings that users ignore HTTPS indi...
Real-time TrafficRelated Content
| Added | 04 Jun 2010 |
| Updated | 04 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | SP |
| Authors | Stuart E. Schechter, Rachna Dhamija, Andy Ozment, Ian Fischer |
Comments (0)
Researcher Info
|
