Publication statistics

Pub. period:2009-2012
Pub. count:13
Number of co-authors:31



Co-authors

Number of publications with 3 favourite co-authors:

Lorrie Faith Cranor:10
Norman Sadeh:4
Saranga Komanduri:3

 

 

Productive colleagues

Patrick Gage Kelley's 3 most productive colleagues in number of publications:

John Zimmerman:51
Lorrie Faith Crano..:44
Jason I. Hong:36
 
 
 

Upcoming Courses

go to course
UI Design Patterns for Successful Software
88% booked. Starts in 7 days
go to course
Affordances: Designing Intuitive User Interfaces
87% booked. Starts in 8 days
 
 

Featured chapter

Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess

User Experience and Experience Design !

 
 

Our Latest Books

 
 
The Social Design of Technical Systems: Building technologies for communities. 2nd Edition
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
Gamification at Work: Designing Engaging Business Software
by Janaki Mythily Kumar and Mario Herger
start reading
 
 
 
 
The Social Design of Technical Systems: Building technologies for communities
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
The Encyclopedia of Human-Computer Interaction, 2nd Ed.
by Mads Soegaard and Rikke Friis Dam
start reading
 
 

Patrick Gage Kelley

 

Publications by Patrick Gage Kelley (bibliography)

 what's this?
2012
 
Edit | Del

Shay, Richard, Kelley, Patrick Gage, Komanduri, Saranga, Mazurek, Michelle L., Ur, Blase, Vidas, Timothy, Bauer, Lujo, Christin, Nicolas and Cranor, Lorrie Faith (2012): Correct horse battery staple: exploring the usability of system-assigned passphrases. In: Proceedings of the 2012 Symposium on Usable Privacy and Security 2012. p. 7. Available online

Users tend to create passwords that are easy to guess, while system-assigned passwords tend to be hard to remember. Passphrases, space-delimited sets of natural language words, have been suggested as both secure and usable for decades. In a 1,476-participant online study, we explored the usability of 3- and 4-word system-assigned passphrases in comparison to system-assigned passwords composed of 5 to 6 random characters, and 8-character system-assigned pronounceable passwords. Contrary to expectations, system-assigned passphrases performed similarly to system-assigned passwords of similar entropy across the usability metrics we examined. Passphrases and passwords were forgotten at similar rates, led to similar levels of user difficulty and annoyance, and were both written down by a majority of participants. However, passphrases took significantly longer for participants to enter, and appear to require error-correction to counteract entry mistakes. Passphrase usability did not seem to increase when we shrunk the dictionary from which words were chosen, reduced the number of words in a passphrase, or allowed users to change the order of words.

© All rights reserved Shay et al. and/or their publisher

2011
 
Edit | Del

Kelley, Patrick Gage, Benisch, Michael, Cranor, Lorrie Faith and Sadeh, Norman (2011): When are users comfortable sharing locations with advertisers?. In: Proceedings of ACM CHI 2011 Conference on Human Factors in Computing Systems 2011. pp. 2449-2452. Available online

As smartphones and other mobile computing devices have increased in ubiquity, advertisers have begun to realize a more effective way of targeting users and a promising area for revenue growth: location-based advertising. This trend brings to bear new questions about whether or not users will adopt products involving this potentially invasive form of advertising and what sorts of protections they should be given. Our real-world user study of 27 participants echoes earlier findings that users have significant privacy concerns regarding sharing their locations with advertisers. However, we examine these concerns in more detail and find that they are complex (e.g., relating not only to the quantity of ads, but the locations and times at which they are received). With advanced privacy settings, users stated they would feel more comfortable and share more information than with a simple opt-in/opt-out mechanism.

© All rights reserved Kelley et al. and/or their publisher

 
Edit | Del

Komanduri, Saranga, Shay, Richard, Kelley, Patrick Gage, Mazurek, Michelle L., Bauer, Lujo, Christin, Nicolas, Cranor, Lorrie Faith and Egelman, Serge (2011): Of passwords and people: measuring the effect of password-composition policies. In: Proceedings of ACM CHI 2011 Conference on Human Factors in Computing Systems 2011. pp. 2595-2604. Available online

Text-based passwords are the most common mechanism for authenticating humans to computer systems. To prevent users from picking passwords that are too easy for an adversary to guess, system administrators adopt password-composition policies (e.g., requiring passwords to contain symbols and numbers). Unfortunately, little is known about the relationship between password-composition policies and the strength of the resulting passwords, or about the behavior of users (e.g., writing down passwords) in response to different policies. We present a large-scale study that investigates password strength, user behavior, and user sentiment across four password-composition policies. We characterize the predictability of passwords by calculating their entropy, and find that a number of commonly held beliefs about password composition and strength are inaccurate. We correlate our results with user behavior and sentiment to produce several recommendations for password-composition policies that result in strong passwords without unduly burdening users.

© All rights reserved Komanduri et al. and/or their publisher

 
Edit | Del

Wiese, Jason, Kelley, Patrick Gage, Cranor, Lorrie Faith, Dabbish, Laura, Hong, Jason I. and Zimmerman, John (2011): Are you close with me? are you nearby?: investigating social groups, closeness, and willingness to share. In: Proceedings of the 2011 International Conference on Uniquitous Computing 2011. pp. 197-206. Available online

As ubiquitous computing becomes increasingly mobile and social, personal information sharing will likely increase in frequency, the variety of friends to share with, and range of information that can be shared. Past work has identified that whom you share with is important for choosing whether or not to share, but little work has explored which features of interpersonal relationships influence sharing. We present the results of a study of 42 participants, who self-report aspects of their relationships with 70 of their friends, including frequency of collocation and communication, closeness, and social group. Participants rated their willingness to share in 21 different scenarios based on information a UbiComp system could provide. Our findings show that (a) self-reported closeness is the strongest indicator of willingness to share, (b) individuals are more likely to share in scenarios with common information (e.g. we are within one mile of each other) than other kinds of scenarios (e.g. my location wherever I am), and (c) frequency of communication predicts both closeness and willingness to share better than frequency of collocation.

© All rights reserved Wiese et al. and/or ACM Press

2010
 
Edit | Del

Shay, Richard, Komanduri, Saranga, Kelley, Patrick Gage, Leon, Pedro Giovanni, Mazurek, Michelle L., Bauer, Lujo, Christin, Nicolas and Cranor, Lorrie Faith (2010): Encountering stronger password requirements: user attitudes and behaviors. In: Proceedings of the 2010 Symposium on Usable Privacy and Security 2010. p. 2. Available online

Text-based passwords are still the most commonly used authentication mechanism in information systems. We took advantage of a unique opportunity presented by a significant change in the Carnegie Mellon University (CMU) computing services password policy that required users to change their passwords. Through our survey of 470 CMU computer users, we collected data about behaviors and practices related to the use and creation of passwords. We also captured users' opinions about the new, stronger policy requirements. Our analysis shows that, although most of the users were annoyed by the need to create a complex password, they believe that they are now more secure. Furthermore, we perform an entropy analysis and discuss how our findings relate to NIST recommendations for creating a password policy. We also examine how users answer specific questions related to their passwords. Our results can be helpful in designing better password policies that consider not only technical aspects of specific policy rules, but also users' behavior in response to those rules.

© All rights reserved Shay et al. and/or their publisher

 
Edit | Del

Toch, Eran, Cranshaw, Justin, Drielsma, Paul Hankes, Tsai, Janice Y., Kelley, Patrick Gage, Springfield, James, Cranor, Lorrie, Hong, Jason and Sadeh, Norman (2010): Empirical models of privacy in location sharing. In: Proceedings of the 2010 International Conference on Uniquitous Computing 2010. pp. 129-138. Available online

The rapid adoption of location tracking and mobile social networking technologies raises significant privacy challenges. Today our understanding of people's location sharing privacy preferences remains very limited, including how these preferences are impacted by the type of location tracking device or the nature of the locations visited. To address this gap, we deployed Locaccino, a mobile location sharing system, in a four week long field study, where we examined the behavior of study participants (n=28) who shared their location with their acquaintances (n=373.) Our results show that users appear more comfortable sharing their presence at locations visited by a large and diverse set of people. Our study also indicates that people who visit a wider number of places tend to also be the subject of a greater number of requests for their locations. Over time these same people tend to also evolve more sophisticated privacy preferences, reflected by an increase in time- and location-based restrictions. We conclude by discussing the implications our findings.

© All rights reserved Toch et al. and/or their publisher

 
Edit | Del

Toch, Eran, Cranshaw, Justin, Hankes-Drielsma, Paul, Springfield, Jay, Kelley, Patrick Gage, Cranor, Lorrie, Hong, Jason and Sadeh, Norman (2010): Locaccino: a privacy-centric location sharing application. In: Proceedings of the 2010 International Conference on Uniquitous Computing 2010. pp. 381-382. Available online

Locaccino is a location sharing application designed to empower users to effectively control their privacy. It has been piloted by close to 2000 users and has been used by researchers as an experimental platform for conducting research on location-based social networks. Featured technologies include expressive privacy rule creation, detailed feedback mechanisms that help users understand their privacy, algorithms for analyzing privacy preferences, and clients for mobile computers and smartphone devices. In addition, variations of Locaccino are also being piloted as part of research on user-controllable policy learning, learning usable privacy personas and reconciling expressiveness and user burden. The purpose of this demo is to introduce participants to the features of Locaccino, so that they can try out the Locaccino smartphone and laptop applications on their own devices, locate their friends and colleagues, and set rich privacy policies for sharing their location.

© All rights reserved Toch et al. and/or their publisher

 
Edit | Del

Kelley, Patrick Gage, Cesca, Lucian, Bresee, Joanna and Cranor, Lorrie Faith (2010): Standardizing privacy notices: an online study of the nutrition label approach. In: Proceedings of ACM CHI 2010 Conference on Human Factors in Computing Systems 2010. pp. 1573-1582. Available online

Earlier work has shown that consumers cannot effectively find information in privacy policies and that they do not enjoy using them. In our previous research we developed a standardized table format for privacy policies. We compared this standardized format, and two short variants (one tabular, one text) with the current status quo: full text natural-language policies and layered policies. We conducted an online user study of 764 participants to test if these three more-intentionally designed, standardized privacy policy formats, assisted by consumer education, can benefit consumers. Our results show that standardized privacy policy presentations can have significant positive effects on accuracy and speed of information finding and on reader enjoyment of privacy policies.

© All rights reserved Kelley et al. and/or their publisher

2009
 
Edit | Del

Kelley, Patrick Gage (2009): Designing a privacy label: assisting consumer understanding of online privacy practices. In: Proceedings of ACM CHI 2009 Conference on Human Factors in Computing Systems 2009. pp. 3347-3352. Available online

This project describes the continuing development of a Privacy Label to present to consumers the ways organizations collect, use, and share personal information. Several studies have indicated the importance of privacy for consumers, yet current mechanisms to present privacy policies of websites have not been successful. This research addresses the present gap in the communication and understanding of privacy policies, by creating an information design that improves the visual presentation and comprehensibility of privacy policies. Drawing from the nutrition, warning, and energy labeling, as well as from the effort towards creating a standardized banking privacy notification, I present the process and ongoing results of the development of a usable information design for privacy policies.

© All rights reserved Kelley and/or ACM Press

 
Edit | Del

Kelley, Patrick Gage, Bresee, Joanna, Cranor, Lorrie Faith and Reeder, Robert W. (2009): A "nutrition label" for privacy. In: Proceedings of the 2009 Symposium on Usable Privacy and Security 2009. p. 4. Available online

We used an iterative design process to develop a privacy label that presents to consumers the ways organizations collect, use, and share personal information. Many surveys have shown that consumers are concerned about online privacy, yet current mechanisms to present website privacy policies have not been successful. This research addresses the present gap in the communication and understanding of privacy policies, by creating an information design that improves the visual presentation and comprehensibility of privacy policies. Drawing from nutrition, warning, and energy labeling, as well as from the effort towards creating a standardized banking privacy notification, we present our process for constructing and refining a label tuned to privacy. This paper describes our design methodology; findings from two focus groups; and accuracy, timing, and likeability results from a laboratory study with 24 participants. Our study results demonstrate that compared to existing natural language privacy policies, the proposed privacy label allows participants to find information more quickly and accurately, and provides a more enjoyable information seeking experience.

© All rights reserved Kelley et al. and/or ACM Press

 
Edit | Del

Benisch, Michael, Kelley, Patrick Gage, Sadeh, Norman, Sandholm, Tuomas, Tsai, Janice, Cranor, Lorrie Faith and Drielsma, Paul Hankes (2009): The impact of expressiveness on the effectiveness of privacy mechanisms for location-sharing. In: Proceedings of the 2009 Symposium on Usable Privacy and Security 2009. p. 22. Available online

 
Edit | Del

Reeder, Robert W., Kelley, Patrick Gage, McDonald, Aleecia M. and Cranor, Lorrie Faith (2009): A user study of the expandable grid applied to P3P privacy policy visualization. In: Proceedings of the 2009 Symposium on Usable Privacy and Security 2009. p. 42. Available online

 
Edit | Del

McDonald, Aleecia M., Reeder, Robert W., Kelley, Patrick Gage and Cranor, Lorrie Faith (2009): A comparative study of online privacy policies and formats. In: Proceedings of the 2009 Symposium on Usable Privacy and Security 2009. p. 46. Available online

 
Add publication
Show list on your website
 
 

Join our community and advance:

Your
Skills

Your
Network

Your
Career

 
Join our community!
 
 
 

Page Information

Page maintainer: The Editorial Team
URL: http://www.interaction-design.org/references/authors/patrick_gage_kelley.html