I'm a researcher at UC Berkeley working with David Wagner. I'm interested in decision-making with regard to computer security, and then creating improved interfaces that help users make better security decisions.

Previously, I was a postdoc at Brown University working with Shriram Krishnamurthi on usable access control interfaces, specifically Facebook privacy settings. Before that I was a graduate student at Carnegie Mellon University advised by Lorrie Cranor, and a member of the CUPS Lab. I've also performed research at NIST, Microsoft Research, and Xerox PARC.

• S. Egelman. My Profile Is My Password, Verify Me! The Privacy/Convenience Tradeoff of Facebook Connect. CHI '13: Proceedings of the SIGCHI conference on Human Factors in Computing Systems. 2013.


• S. Egelman, A. Sotirakopoulos, I. Muslukhov, K. Beznosov, and C. Herley. Does My Password Go up to Eleven? The Impact of Password Meters on Password Selection. CHI '13: Proceedings of the SIGCHI conference on Human Factors in Computing Systems. 2013.


• A. P. Felt, E. Ha, S. Egelman, A. Haney, E. Chin, and D. Wagner. Android Permissions: User Attention, Comprehension, and Behavior. The 2012 Symposium on Usable Privacy and Security (SOUPS). Best Paper Award!


• M. Johnson, S. Egelman, and S. M. Bellovin. Facebook and Privacy: It's Complicated. The 2012 Symposium on Usable Privacy and Security (SOUPS).


• J. Tsai, S. Egelman, L. Cranor, and A. Acquisti. The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. Information Systems Research, 22(2), June 2011. Best Published Paper Award!


• J. Sunshine, S. Egelman, H. Almuhimedi, N. Atri, and L. Cranor. Crying Wolf: An Empirical Study of SSL Warning Effectiveness. The 18th USENIX Security Symposium. 2009.


• S. Schechter, A. J. Brush, and S. Egelman. It's No Secret: Measuring the reliability of authentication via 'secret' questions. The 2009 IEEE Symposium on Security and Privacy.


• S. Egelman, J. Tsai, L. Cranor, and A. Acquisti. Timing Is Everything? The Effects of Timing and Placement of Online Privacy Indicators. CHI '09: Proceedings of the SIGCHI conference on Human Factors in Computing Systems. 2009.


• S. Egelman, L. Cranor, and J. Hong. You've Been Warned: An Empirical Study on the Effectiveness of Web Browser Phishing Warnings. CHI '08: Proceedings of the SIGCHI conference on Human Factors in Computing Systems. 2008. Honorable Mention!

• Pop-Up Insecurity, CMU Press Release, 7 August 2009.
• Crying Wolf: Do Security Warnings Help? Study: Internet Users Immune to Pop-Up Security Warnings by Ki Mae Heussner, ABC News.com, 30 July 2009.
• Browser SSL Warnings Shown to be Ineffective by Angela Moscaritolo, SC Magazine, 28 July 2009.
• Research: Security Certificate Warnings Are Not Working by Steve Ragan, The Tech Herald, 28 July 2009.
• Web Users Ignoring Security Certificate Warnings by Tom Espiner, CNET News, 28 July 2009.
• Benign Security Warnings Have Trained Users to Ignore Them by Jacqui Cheng, Ars Technica, 27 July 2009.
• Security Certificate Warnings Don't Work, Researchers Say by Robert McMillan, Computer World, 24 July 2009.
• Personal Questions Undermine Webmail Security by Matthew Sparkes, PC Pro, 24 June 2009.
• Open Secrets about The Email 'Secret' Question, CyberMedia News, 23 June 2009.
• Study: Secret Questions Don't Safeguard Passwords, by Jeremy Kirk, PC World, 19 May 2009.
• Enhanced Privacy Measures Might Produce Bigger Profits by Robert Gellman, DMNews, 10 August 2007.
• Better Privacy Policies Can Make Money, Finds P3P Study, The Register, 12 June 2007.
• Online Shoppers Will Pay for Security by Teresa F. Lindeman, Pittsburgh Post-Gazette, 8 June 2007.
• Good Privacy Pays for Web Stores, BBC News, 7 June 2007.
• Americans Willing to Pay (A Little) More for Privacy by Nate Anderson, Ars Technica, 7 June 2007.
• Study: Shoppers Will Pay for Privacy by Candace Lombardi, CNET News, 7 June 2007.
• Privacy Premium Doesn't Faze Buyers by Tim Wilson, DarkReading, 7 June 2007.
• Online Shoppers Will Pay Extra To Protect Privacy, Carnegie Mellon Study Shows by Byron Spice, CMU Press Release, 7 June 2007.
• Shoppers Willing to Pay Extra for Privacy Confidence, Study Finds by Jon Brodkin, Network World, 6 June 2007.
• 10 Anti-Phishing Toolbars Evaluated by Mark Joseph Edwards, Windows IT Pro, 15 December 2006.
• Study Blasts Failing Phishing Toolbars by Shaun Nichols, Information World Review, 22 November 2006.
• AOL Is Caught in Its Own Long Tail by Richard W. Wiggins, Information Today, 14 August 2006.