Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology

Usability & human factors

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 26 - 50 of 223

Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues

August 7, 2023

Author(s)

Lorenzo Neil, Shanee Dawkins, Jody Jacobs, Julia Sharp

Organizations use simulated phishing awareness train-ing exercises to help users identify, detect, and defend against the ever-changing phishing threat landscape. Realistic phishing emails are used to test users' ability to spot a phish from visible cues

Youth understandings of online privacy and security: A dyadic study of children and their parents

August 7, 2023

Author(s)

Olivia Williams, Yee-Yin Choong, Kerrianne Buchanan

With youth increasingly accessing and using the internet, it is important to understand what they know about online privacy and security (OPS), and from where they gain this knowledge in order to best support their learning and online practices. Currently

Cybersecurity Definitions for Non-Experts

August 6, 2023

Author(s)

Lorenzo Neil, Julie Haney, Kerrianne Buchanan, Charlotte Healy

Despite the importance of cybersecurity, there is no standard definition nor common terminology for explaining cybersecurity. Existing definitions largely target academics or technical experts but not non-experts (those without cybersecurity proficiency)

Mind the Gap: Exploring Human-Centered Security Researcher-Practitioner Interactions (Extended Abstract)

August 6, 2023

Author(s)

Clyburn Cunningham, Susanne M. Furman, Julie Haney

Our work-in-progress study aims to develop an understanding of current researcher-practitioner interaction points and associated challenges throughout the entire human-centered security research life cycle.

Measuring the Effectiveness of U.S. Government Security Awareness Programs: A Mixed-Methods Study

July 31, 2023

Author(s)

Jody Jacobs, Julie Haney, Susanne M. Furman

This paper presents our research from our mixed-methods study analyzing how organizations determine security awareness program effectiveness. This paper is being submitted to the 10TH International Conference on HCI in Business, Government and

'They're not risky' vs 'It can ruin your whole life': How youth/parent dyads differ in their understandings of online risk

July 23, 2023

Author(s)

Olivia Williams, Kerrianne Buchanan, Yee-Yin Choong

Encountering and/or engaging in risky online behavior is an inherent aspect of being an online user. In particular, youth are vulnerable to such risky be-havior, making it important to know how they understand and think about this risk-taking behavior

Data Guardians: Behaviors and Challenges While Caring for Others' Personal Data

July 23, 2023

Author(s)

Julie Haney, Sandra Prettyman, Mary Frances Theofanos, Susanne M. Furman

Many professional domains require the collection and use of personal data. Protecting systems and data is a major concern in these settings, necessitating that workers who handle personal data under- stand and practice good security and privacy habits

Parents, passwords, and parenting: How parents think about passwords and are involved in their children's password practices

July 23, 2023

Author(s)

Yee-Yin Choong, Kerrianne Buchanan, Olivia Williams

Though much is known about how adults understand and use passwords, little research attention has been paid specifically to parents or, more importantly, to how parents influence their children's password practices. To better understand both the password

Smart Home Device Loss of Support: Consumer Perspectives and Preferences

July 23, 2023

Author(s)

Julie Haney, Susanne M. Furman

Unsupported smart home devices can pose serious safety and security issues for consumers. However, unpatched and vulnerable devices may remain connected because consumers may not be alerted that their devices are no longer supported or do not understand

Analyzing Cybersecurity Definitions for Non-experts

July 4, 2023

Author(s)

Lorenzo Neil, Julie Haney, Kerrianne Buchanan

There is no standard definition for cybersecurity, with current definitions often being technically-complex and targeted at practitioners and academics. However, non-experts (those who do not have security expertise) need an understandable definition to

A Generic STS Viewer on the Web

June 13, 2023

Author(s)

Wendell Piez

In an alternate universe, XML (1998) and XSLT 1.0 (1999) were not developed so early, and did not have to wait for the rest of the web to catch up. In ours, it took two decades before other critically important pieces of the puzzle – CSS, DOM, ECMAScript

IoT Cybersecurity Labels: Lessons Learned When Applying Human-Centered Research to Practice

May 23, 2023

Author(s)

Julie Haney

This presentation will describe the development of consumer-focused IoT cybersecurity label criteria in response to a U.S. Presidential Executive Order. The talk will include a discussion of the value of leveraging human-centered IoT research insights

User Perceptions and Experiences with Smart Home Updates

May 22, 2023

Author(s)

Julie Haney, Susanne M. Furman

Updates may be one of the few tools consumers have to mitigate security and privacy vulnerabilities in smart home devices. However, little research has been undertaken to understand users' perceptions and experiences with smart home updates. To address

Phishing With a Net: The NIST Phish Scale and Cybersecurity Awareness

April 25, 2023

Author(s)

Shanee Dawkins, Jody Jacobs

Orienting an entire organization toward sound security practices is an important, but non-trivial undertaking. A starting point for many organizations is to build a robust security awareness program, training employees to recognize and respond to security