In order for security and privacy tools to work, they must be easily and intuitively usable—by everyone. With research spanning from developing tools that enable users to create strong and memorable passwords to automatically summarizing long, verbose privacy policies into readable, digestible chunks, CyLab researchers are focusing on ways to make security and privacy not feel like a hard task for users, but an easy, enjoyable experience.
Usability @ CyLab
You added ‘!’ or ‘1’ to your password, thinking this made it strong. Science says no.
CyLab’s Lorrie Cranor, Nicolas Christin, Lujo Bauer, and their former students Blase Ur and Michelle Mazurek authored an article on their password research. The authors share ways that users can create stronger passwords, based on their research findings. Their recommendations include making your passwords at least 12 characters long and avoiding names of people, pets, places you've lived, and common words or phrases.
Cranor stresses the need to test privacy policies
At Enigma 2017, Lorrie Cranor stressed the importance of administering user testing on all privacy policies to ensure that users notice and understand them.
Manuel Blum advises: “Never memorize passwords. Compute them.”
“I never memorize passwords,” says Manuel Blum, a Turing Award-winning faculty in CyLab and a professor in the School of Computer Science at Carnegie Mellon University. “I may go to Amazon.com every other day, but I do not know my Amazon password. When I need it, I compute it.” Blum presented his ideas on password-computing algorithms at the USENIX Enigma Conference in Oakland, California.