Contact

All Stories

  1. Notice and Choice Cannot Stand Alone

    Article • Communications of the ACM, November 2024, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  2. A US-UK Usability Evaluation of Consent Management Platform Cookie Consent Interface Design on Desktop and Mobile

    Article • April 2023, ACM (Association for Computing Machinery)

    Elijah Bouma-Sims, Dr. Lorrie Faith Cranor

  3. Identifying User Needs for Advertising Controls on Facebook

    Article • Proceedings of the ACM on Human-Computer Interaction, March 2022, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  4. A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research

    Article • ACM Transactions on Computer-Human Interaction, December 2021, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  5. Toggles, Dollar Signs, and Triangles: How to (In)Effectively Convey Privacy Choices with Icons and Link Texts

    Article • May 2021, ACM (Association for Computing Machinery)

    Alessandro Acquisti, Dr. Lorrie Faith Cranor

  6. “You Gotta Watch What You Say”: Surveillance of Communication with Incarcerated People

    Article • May 2021, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  7. HCI Ethics, Privacy, Accessibility, and the Environment: A Town Hall Forum on Global Policy Issues

    Article • April 2020, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Vicki Hanson

  8. "It's a scavenger hunt": Usability of Websites' Opt-Out and Data Deletion Choices

    Article • April 2020, ACM (Association for Computing Machinery)

    Alessandro Acquisti, Dr. Lorrie Faith Cranor

  9. Informing the Design of a Personalized Privacy Assistant for the Internet of Things

    Article • April 2020, ACM (Association for Computing Machinery)

    Alessandro Acquisti, Dr. Lorrie Faith Cranor

  10. Exploring How Privacy and Security Factor into IoT Device Purchase Behavior

    Article • May 2019, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Harold Dixon

  11. The Influence of Friends and Experts on Privacy Decision Making in IoT Scenarios

    Article • Proceedings of the ACM on Human-Computer Interaction, November 2018, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  12. Nudges for Privacy and Security

    Article • ACM Computing Surveys, May 2018, ACM (Association for Computing Machinery)

    Alessandro Acquisti, Dr. Lorrie Faith Cranor

  13. Exploring Topic-Based Sharing Mechanisms

    Article • May 2017, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  14. Design and Evaluation of a Data-Driven Password Meter

    Article • May 2017, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Harold Dixon

  15. A Large-Scale Evaluation of U.S. Financial Institutions’ Standardized Privacy Notices

    Article • ACM Transactions on the Web, August 2016, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  16. Do Users' Perceptions of Password Security Match Reality?

    Article • May 2016, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  17. Supporting Privacy-Conscious App Update Decisions with User Reviews

    Article • October 2015, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  18. I Would Like To..., I Shouldn't..., I Wish I...

    Article • February 2015, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  19. Biometric Authentication on iPhone and Android: Usability, Perceptions, and Influences on Adoption

    Article • January 2015, Internet Society

    Dr. Lorrie Faith Cranor

  20. Spaced Repetition and Mnemonics Enable Recall of Multiple Strong Passwords

    Article • January 2015, Internet Society

    Dr. Lorrie Faith Cranor

  21. Better Together: Usability and Security Go Hand in Hand

    Article • IEEE Security & Privacy, November 2014, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  22. General Requirements of a Hybrid-Modeling Framework for Cyber Security

    Article • October 2014, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  23. Improving App Privacy: Nudging App Developers to Protect User Privacy

    Article • IEEE Security & Privacy, July 2014, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  24. A field trial of privacy nudges for facebook

    Article • April 2014, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  25. Can long passwords be secure and usable?

    Article • April 2014, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  26. Electronic privacy and surveillance

    Article • April 2014, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  27. The Privacy and Security Behaviors of Smartphone App Developers

    Article • January 2014, Internet Society

    Dr. Lorrie Faith Cranor

  28. Is Your Inseam a Biometric? A Case Study on the Role of Usability Studies in Developing Public Policy

    Article • January 2014, Internet Society

    Dr. Lorrie Faith Cranor

  29. The post anachronism

    Article • November 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  30. Privacy Engineering Emerges as a Hot New Career

    Article • IEEE Potentials, November 2013, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  31. Privacy manipulation and acclimation in a location sharing application

    Article • September 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  32. "i read my Twitter the next morning and was astonished"

    Article • April 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  33. Privacy as part of the app decision-making process

    Article • April 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  34. A Shortage of Privacy Engineers

    Article • IEEE Security & Privacy, March 2013, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  35. "Little brothers watching you"

    Article • January 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  36. Measuring password guessability for an entire university

    Article • January 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  37. QRishing: The Susceptibility of Smartphone Users to QR Code Phishing Attacks

    Article • January 2013, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  38. The Impact of Length and Mathematical Operators on the Usability and Security of System-Assigned One-Time PINs

    Article • January 2013, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  39. The post that wasn't

    Article • January 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  40. What matters to users?

    Article • January 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  41. Your attention please

    Article • January 2013, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  42. Out of sight, out of mind: Effects of displaying access-control information near the item it controls

    Article • July 2012, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  43. Tag, you can see it!

    Article • May 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  44. Why Johnny can't opt out

    Article • May 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  45. Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms

    Article • May 2012, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  46. Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems

    Article • User Modeling and User-Adapted Interaction, March 2012, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  47. Can Users Control Online Behavioral Advertising Effectively?

    Article • IEEE Security & Privacy, March 2012, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  48. A Conundrum of Permissions: Installing Applications on an Android Smartphone

    Article • January 2012, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  49. Correct horse battery staple

    Article • January 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  50. Operating system framed in case of mistaken identity

    Article • January 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  51. Smart, useful, scary, creepy

    Article • January 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  52. Studying access-control usability in the lab

    Article • January 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  53. What do online behavioral advertising privacy disclosures communicate to users?

    Article • January 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  54. {Privacy, privacidad, Приватност} policies in social media

    Article • January 2012, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  55. CANTINA+

    Article • ACM Transactions on Information and System Security, September 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  56. The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study

    Article • Information Systems Research, June 2011, INFORMS

    Alessandro Acquisti, Dr. Lorrie Faith Cranor

  57. Exploring reactive access control

    Article • May 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  58. More than skin deep

    Article • May 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  59. Of passwords and people

    Article • May 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  60. When are users comfortable sharing locations with advertisers?

    Article • May 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  61. Usability of Forensics Tools: A User Study

    Article • May 2011, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  62. Bridging the Gap in Computer Security Warnings: A Mental Model Approach

    Article • IEEE Security & Privacy, March 2011, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  63. "I regretted the minute I pressed share"

    Article • January 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  64. Adapt-a-ride

    Article • January 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  65. An Investigation into Facebook Friend Grouping

    Article • January 2011, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  66. Are you close with me? are you nearby?

    Article • January 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  67. I know where you live

    Article • January 2011, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  68. Improving Computer Security Dialogs

    Article • January 2011, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  69. Who Is Concerned about What? A Study of American, Chinese and Indian Users’ Privacy Concerns on Social Network Sites

    Article • January 2011, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  70. Capturing location-privacy preferences: quantifying accuracy and user-burden tradeoffs

    Article • Personal Technologies, December 2010, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  71. Empirical models of privacy in location sharing

    Article • September 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  72. CS expertise for institutional review boards

    Article • Communications of the ACM, August 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  73. Institutional review boards and your research

    Article • Communications of the ACM, June 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  74. Teaching Johnny not to fall for phish

    Article • ACM Transactions on Internet Technology, May 2010, ACM (Association for Computing Machinery)

    Alessandro Acquisti, Dr. Lorrie Faith Cranor

  75. Access control for home data sharing

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  76. Americans' attitudes about internet behavioral advertising practices

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  77. Are your participants gaming the system?

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  78. Encountering stronger password requirements

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  79. Ethical Concerns in Computer Security and Privacy Research Involving Human Subjects

    Article • January 2010, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  80. Locaccino

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  81. Standardizing privacy notices

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  82. Token attempt

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  83. Who falls for phish?

    Article • January 2010, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  84. Improving phishing countermeasures: An analysis of expert interviews

    Article • October 2009, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  85. Real life challenges in access-control management

    Article • April 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  86. Timing is everything?

    Article • April 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  87. Who's viewed you?

    Article • April 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  88. A "nutrition label" for privacy

    Article • January 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  89. A Comparative Study of Online Privacy Policies and Formats

    Article • January 2009, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  90. A user study of the expandable grid applied to P3P privacy policy visualization

    Article • January 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  91. Analyzing use of privacy policy attributes in a location sharing application

    Article • January 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  92. Engineering Privacy

    Article • IEEE Transactions on Software Engineering, January 2009, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  93. School of phish

    Article • January 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  94. The impact of privacy indicators on search engine browsing patterns

    Article • January 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  95. Who's viewed you?

    Article • January 2009, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  96. A Survey to Guide Group Key Protocol Development

    Article • December 2008, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  97. Understanding and capturing people’s privacy policies in a mobile social networking application

    Article • Personal Technologies, October 2008, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  98. Lessons from a real world evaluation of anti-phishing training

    Article • October 2008, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  99. P3P deployment on websites

    Article • Electronic Commerce Research and Applications, September 2008, Elsevier

    Dr. Lorrie Faith Cranor

  100. A user study of policy creation in a flexible access-control system

    Article • April 2008, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  101. Expandable grids for visualizing and authoring computer security policies

    Article • April 2008, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  102. You've been warned

    Article • April 2008, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  103. A user study of the expandable grid applied to P3P privacy policy visualization

    Article • January 2008, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  104. User-controllable learning of security and privacy policies

    Article • January 2008, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  105. Forum

    Article • Communications of the ACM, October 2007, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  106. Protecting people from phishing

    Article • April 2007, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  107. User-Controllable Security and Privacy for Pervasive Computing

    Article • March 2007, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  108. Anti-Phishing Phil

    Article • January 2007, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  109. Behavioral response to phishing risk

    Article • January 2007, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  110. Cantina

    Article • January 2007, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  111. Getting users to pay attention to anti-phishing education

    Article • January 2007, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  112. Lessons learned from the deployment of a smartphone-based access-control system

    Article • January 2007, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  113. User interfaces for privacy agents

    Article • ACM Transactions on Computer-Human Interaction, June 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  114. What do they "indicate?"

    Article • interactions, May 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  115. An analysis of P3P-enabled web sites among top-20 search results

    Article • January 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  116. Decision strategies and susceptibility to phishing

    Article • January 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  117. Human selection of mnemonic phrase-based passwords

    Article • January 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  118. Power strips, prophylactics, and privacy, oh my!

    Article • January 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  119. Privacy in India: Attitudes and Awareness

    Article • January 2006, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  120. Privacy patterns for online interactions

    Article • January 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor, Alessandro Acquisti

  121. Vicarious infringement creates a privacy ceiling

    Article • January 2006, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  122. Giving notice: why privacy policies and security breach notifications aren't enough

    Article • IEEE Communications Magazine, August 2005, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  123. Peripheral privacy notifications for wireless networks

    Article • January 2005, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  124. Searching for Privacy: Design and Implementation of a P3P-Enabled Search Engine

    Article • January 2005, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  125. Guest Editors' Introduction: Secure or Usable?

    Article • IEEE Security & Privacy, September 2004, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  126. An analysis of security vulnerabilities in the movie production and distribution process

    Article • Telecommunications Policy, August 2004, Elsevier

    Dr. Lorrie Faith Cranor

  127. I Didn’t buy It for Myself

    Article • January 2004, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  128. P3P: making privacy policies more useful

    Article • IEEE Security & Privacy, November 2003, Institute of Electrical & Electronics Engineers (IEEE)

    Dr. Lorrie Faith Cranor

  129. Analysis of security vulnerabilities in the movie production and distribution process

    Article • January 2003, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  130. Automated analysis of P3P-enabled Web sites

    Article • January 2003, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  131. In Search of the Perfect Voting Technology: No Easy Answers

    Article • January 2003, Springer Science + Business Media

    Dr. Lorrie Faith Cranor

  132. Letter from the Special Section Editor

    Article • The Information Society, May 2002, Taylor & Francis

    Dr. Lorrie Faith Cranor

  133. The role of privacy advocates and data protection authorities in the design and deployment of the platform for privacy preferences

    Article • January 2002, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  134. Use of a P3P user agent by early adopters

    Article • January 2002, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  135. The architecture of robust publishing systems

    Article • ACM Transactions on Internet Technology, November 2001, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  136. Internet voting for public officials: introduction

    Article • Communications of the ACM, January 2001, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  137. Voting after Florida

    Article • Ubiquity, January 2001, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  138. Influencing software usage

    Article • April 2000, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  139. Internet privacy

    Article • Communications of the ACM, February 1999, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  140. Privacy critics

    Article • January 1999, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  141. Privacy in e-commerce

    Article • January 1999, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  142. Putting it together

    Article • netWorker, June 1998, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor

  143. Laws, self-relf-regulation, and P3P: will W3C's privacy platform help make the Web safe for privacy?

    Article • Computer Networks and ISDN Systems, April 1998, Elsevier

    Dr. Lorrie Faith Cranor

  144. Research posters 101

    Article • XRDS Crossroads The ACM Magazine for Students, November 1996, ACM (Association for Computing Machinery)

    Dr. Lorrie Faith Cranor