A design space for effective privacy notices
Notifying users about a system's data practices is supposed to enable users to make
informed privacy decisions. Yet, current notice and choice mechanisms, such as privacy …
How to make privacy policies both GDPR-compliant and usable
It is important for organisations to ensure that their privacy policies are General Data
Protection Regulation (GDPR) compliant, and this has to be done by the May 2018 deadline …
Adapting security warnings to counter online disinformation
Disinformation is proliferating on the internet, and platforms are responding by attaching
warnings to content. There is little evidence, however, that these warnings help users …
Using personal examples to improve risk communication for security & privacy decisions
IT security systems often attempt to support users in taking a decision by communicating
associated risks. However, a lack of efficacy as well as problems with habituation in such …
"If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS
HTTPS is one of the most important protocols used to secure communication and is,
fortunately, becoming more pervasive. However, especially the long tail of websites is still …
Habituation effects in computer security warning
Security warning is a form of computer dialog communication that is used to inform the users
on the risks of allowing random applications to run on a computer system. Accordingly, it is …
"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS
Protecting communication content at scale is a difficult task, and TLS is the protocol most
commonly used to do so. However, it has been shown that deploying it in a truly secure …
"It's Stored, Hopefully, on an Encrypted Server": Mitigating Users' Misconceptions About FIDO2 Biometric WebAuthn
While prior attempts at passwordless authentication on the web have required specialized
hardware, FIDO2's WebAuthn protocol lets users sign into websites with their smartphone …
“Make Them Change it Every Week!”: A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication
Password-based authentication is the status quo on the web and beyond [6, 13, 14]—
despite its many known problems. This includes challenges around memorizing passwords …
Explanations in warning dialogs to help users defend against phishing attacks
Phishing, the deceptive act of stealing personal and sensitive information by sending
messages that seem to come from trusted entities, is one of the most widespread and …