Users' conceptions of web security: A comparative study

Batya Friedman, David Hurley, Daniel C. Howe, Edward William Felten, Helen Nissenbaum

Research output: Chapter in Book/Report/Conference proceedingConference contribution

82 Scopus citations


This study characterizes users' conceptions of web security. Seventy-two individuals, 24 each from a rural community in Maine, a suburban professional community in New Jersey, and a high-technology community in California, participated in an extensive (2-hour) semi-structured interview (including a drawing task) about Web security. The results show that many users across the three diverse communities mistakenly evaluated whether a connection is secure or not secure. Empirically-derived typologies are provided for (1) conceptions of security based on users' verbal reasoning, (2) the types of evidence users depend upon in evaluating whether a connection is secure, and (3) conceptions of security as portrayed in users' drawings. Design implications are discussed.

Original languageEnglish (US)
Title of host publicationConference on Human Factors in Computing Systems - Proceedings
EditorsL. Terveen, D. Wixon, E. Comstock, A. Sasse
Number of pages2
StatePublished - Dec 1 2002
EventConference on Human Factors in Computing Systems - Minneapolis, MN, United States
Duration: Apr 20 2002Apr 25 2002


OtherConference on Human Factors in Computing Systems
CountryUnited States
CityMinneapolis, MN

All Science Journal Classification (ASJC) codes

  • Software
  • Human-Computer Interaction
  • Computer Graphics and Computer-Aided Design

Cite this