{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T17:06:29Z","timestamp":1775667989255,"version":"3.50.1"},"reference-count":112,"publisher":"Informa UK Limited","issue":"10","funder":[{"DOI":"10.13039\/501100002347","name":"German Federal Ministry of Education and Research","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002347","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002385","name":"Hessian Ministry of Higher Education, Research, Science and the Arts","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002385","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Research Center for Applied Cybersecurity ATHENE"},{"DOI":"10.13039\/501100001659","name":"Centre Responsible Digitality","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]},{"name":"DFG, German Research Foundation"}],"content-domain":{"domain":["www.tandfonline.com"],"crossmark-restriction":true},"short-container-title":["Behaviour &amp; Information Technology"],"published-print":{"date-parts":[[2022,7,27]]},"DOI":"10.1080\/0144929x.2022.2080908","type":"journal-article","created":{"date-parts":[[2022,6,2]],"date-time":"2022-06-02T10:54:30Z","timestamp":1654167270000},"page":"2035-2048","update-policy":"https:\/\/doi.org\/10.1080\/tandf_crossmark_01","source":"Crossref","is-referenced-by-count":26,"title":["A quarter century of usable security and privacy research: transparency, tailorability, and the road ahead"],"prefix":"10.1080","volume":"41","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1920-038X","authenticated-orcid":false,"given":"Christian","family":"Reuter","sequence":"first","affiliation":[{"name":"Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt, Darmstadt, Hessen, Germany"}]},{"given":"Luigi Lo","family":"Iacono","sequence":"additional","affiliation":[{"name":"Cyber Security and Privacy, Hochschule Bonn-Rhein-Sieg University of Applied Sciences, Sankt Augustin Germany"}]},{"given":"Alexander","family":"Benlian","sequence":"additional","affiliation":[{"name":"Information Systems & E-Services, Technical University of Darmstadt, Darmstadt, Germany"}]}],"member":"301","published-online":{"date-parts":[[2022,6,2]]},"reference":[{"key":"CIT0001","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3174156"},{"key":"CIT0002","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2013.86"},{"key":"CIT0003","doi-asserted-by":"publisher","DOI":"10.1145\/322796.322806"},{"key":"CIT0004","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW51379.2020.00025"},{"key":"CIT0005","doi-asserted-by":"publisher","DOI":"10.1145\/3411764.3445574"},{"key":"CIT0006","doi-asserted-by":"publisher","DOI":"10.1145\/2702613.2732701"},{"key":"CIT0007","author":"Bicz\u00f3k Gergely","year":"2021","journal-title":"Computers and Security"},{"key":"CIT0008","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-44760-5_9"},{"key":"CIT0009","doi-asserted-by":"publisher","DOI":"10.1177\/1948550612455931"},{"key":"CIT0010","doi-asserted-by":"publisher","DOI":"10.1002\/hbe2.281"},{"key":"CIT0011","unstructured":"Brown, Barry. 2001, Marh 26. \u201cStudying the Internet Experience.\u201d Research Report HPL-2001-49. HP Laboratories Bristol. 24 pages."},{"key":"CIT0012","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2015.23009"},{"key":"CIT0013","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300733"},{"key":"CIT0014","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300789"},{"key":"CIT0015","unstructured":"Cranor, Lorrie Faith, Adam L. Durity, Abigail Marsh, and Blase Ur. 2014. \u201cParents' and Teens' Perspectives on Privacy In a Technology-Filled World.\u201d In Proceedings of the 10th Symposium On Usable Privacy and Security (SOUPS, 19\u201335."},{"key":"CIT0016","volume-title":"Security and Usability: Designing Secure Systems That People Can Use","author":"Cranor Lorrie Faith","year":"2005"},{"key":"CIT0017","doi-asserted-by":"publisher","DOI":"10.1145\/2858036.2858214"},{"key":"CIT0018","doi-asserted-by":"publisher","DOI":"10.1145\/2858036.2858265"},{"key":"CIT0019","doi-asserted-by":"publisher","DOI":"10.1145\/2841113.2841115"},{"key":"CIT0020","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2021.3132398"},{"key":"CIT0021","unstructured":"Emami-Naeini, Pardis, Tiona Francisco, Tadayoshi Kohno, and Franziska Roesner. 2021. \u201cUnderstanding Privacy Attitudes and Concerns Towards Remote Communications During the {COVID-19}.\u201d In Proceedings of the 17th Symposium on Usable Privacy and Security (SOUPS), 695\u2013714."},{"key":"CIT0022","unstructured":"Farke, Florian M., Lennart Lorenz, Theodor Schnitzler, Philipp Markert, and Markus D\u00fcrmuth. 2020. \u201c\u2018You Still Use the Password After All\u2019 \u2013 Exploring FIDO2 Security Keys in a Small Company.\u201d In Sixteenth Symposium on Usable Privacy and Security (SOUPS '20), 19\u201335. USENIX Association. https:\/\/www.usenix.org\/conference\/soups2020\/presentation\/farke."},{"key":"CIT0023","unstructured":"Franz, Anjuli, Gregor Albrecht, Verena Zimmermann, Katrin Hartwig, Christian Reuter, Alexander Benlian, and Joachim Vogt. 2021. \u201cStill Plenty of Phish in the Sea \u2013 A Taxonomy of User-Oriented Phishing Interventions and Avenues for Future Research.\u201d In Proceedings of the Symposium on Usable Privacy and Security (SOUPS), 339\u2013358."},{"key":"CIT0024","unstructured":"Frik, Alisa, Leysan Nurgalieva, Julia Bernd, Joyce Lee, Florian Schaub, and Serge Egelman. 2019. \u201cPrivacy and Security Threat Models and Mitigation Strategies of Older Adults.\u201d In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019), 21\u201340. USENIX Association. https:\/\/www.usenix.org\/conference\/soups2019\/presentation\/frik."},{"key":"CIT0025","doi-asserted-by":"crossref","unstructured":"Ganster, Daniel C., Richard W. Woodman, Jerome Adams, Michael McCuddy, Howard Fromkin, and Paul D. Tolchinsky. 1979. \u201cInformation Privacy in Organizations: An Examination of Employee Perceptions and Attitudes.\u201d In Proceedings of the 39th Annual Conference of the National Academy of Management, 262\u2013266.","DOI":"10.5465\/ambpp.1979.4977171"},{"key":"CIT0026","doi-asserted-by":"publisher","DOI":"10.1126\/sciadv.1701172"},{"key":"CIT0027","doi-asserted-by":"publisher","DOI":"10.2200\/S00594ED1V01Y201408SPT011"},{"key":"CIT0028","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.04.002"},{"key":"CIT0029","unstructured":"Gerlitz, Eva, Maximilian H\u00e4ring, and Matthew Smith. 2021. \u201cPlease Do Not Use !?_ or Your License Plate Number: Analyzing Password Policies in German Companies.\u201d In Seventeenth Symposium on Usable Privacy and Security (SOUPS '21), 17\u201336. USENIX Association. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/gerlitz."},{"key":"CIT0030","unstructured":"Golla, Maximilian, Grant Ho, Marika Lohmus, Monica Pulluri, and Elissa M. Redmiles. 2021. \u201cDriving 2FA Adoption at Scale: Optimizing Two-Factor Authentication Notification Design Patterns.\u201d In 30th USENIX Security Symposium (USENIX Security '21). USENIX Association. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/golla."},{"key":"CIT0031","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3094171"},{"key":"CIT0032","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2016.111"},{"key":"CIT0033","doi-asserted-by":"publisher","DOI":"10.1145\/3411764.3445387"},{"key":"CIT0034","unstructured":"Hartwig, Katrin, and Christian Reuter. 2019. \u201cTrustyTweet: An Indicator-Based Browser-Plugin to Assist Users in Dealing with Fake News on Twitter.\u201d In Proceedings of the International Conference on Wirtschaftsinformatik (WI), 1858\u20131869."},{"key":"CIT0035","doi-asserted-by":"publisher","DOI":"10.1080\/0144929X.2021.1876167"},{"key":"CIT0036","unstructured":"Hasegawa, Ayako A., Naomi Yamashita, Mitsuaki Akiyama, and Tatsuya Mori. 2021. \u201cWhy They Ignore English Emails: The Challenges of Non-Native Speakers in Identifying Phishing Emails.\u201d In Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021), 319\u2013338. USENIX Association. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/hasegawa."},{"key":"CIT0037","unstructured":"Hayes, Jordan, Smirity Kaushik, Charlotte Emily Price, and Yang Wang. 2019. \u201cCooperative Privacy and Security: Learning from People with Visual Impairments and Their Allies.\u201d In Proceedings of the Fifteenth Symposium on Usable Privacy and Security (SOUPS), 1\u201320."},{"key":"CIT0038","doi-asserted-by":"publisher","DOI":"10.1145\/604596.604598"},{"key":"CIT0039","unstructured":"Jeske, Debora, Lynne Coventry, and Pam Briggs. 2014, April. \u201cNudging Whom How: IT Proficiency, Impulse Control and Secure Behaviour.\u201d In Proceedings of the CHI Workshop on Personalizing Behavior Change Technologies, 1\u20134."},{"key":"CIT0040","unstructured":"Kaiser, Ben, Jerry Wei, Elena Lucherini, Kevin Lee, Nathan Matias, and Jonathan Mayer. 2021. \u201cAdapting Security Warnings to Counter Online Disinformation.\u201d In 30th USENIX Security Symposium (USENIX Security 21)."},{"key":"CIT0041","doi-asserted-by":"publisher","DOI":"10.1177\/0743915619858924"},{"key":"CIT0042","doi-asserted-by":"publisher","DOI":"10.14512\/tatup.28.3.68"},{"key":"CIT0043","unstructured":"Kang, Ruogu, Laura Dabbish, Nathaniel Fruchter, and Sara Kiesler. 2015. \u201c\u2018My Data Just Goes Everywhere:\u2019 User Mental Models of the Internet and Implications for Privacy and Security.\u201d In Proceedings of the 11th Symposium On Usable Privacy and Security (SOUPS), 39\u201352. Ottawa: USENIX Association."},{"key":"CIT0044","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753561"},{"key":"CIT0045","first-page":"5","author":"Kerckhoffs Auguste.","year":"1883","journal-title":"Journal des sciences militaires"},{"key":"CIT0046","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2017.3151331"},{"key":"CIT0047","doi-asserted-by":"publisher","DOI":"10.17265\/2159-5313\/2016.09.003"},{"key":"CIT0048","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-82786-1"},{"key":"CIT0049","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.07.002"},{"key":"CIT0050","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2022-0016"},{"key":"CIT0051","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00060"},{"key":"CIT0052","doi-asserted-by":"crossref","unstructured":"Kumaraguru, Ponnurangam, Justin Cranshaw, Alessandro Acquisti, Lorrie Cranor, Jason Hong, Mary Ann Blair, and Theodore Pham. 2009. \u201cSchool of Phish: A Real-World Evaluation of Anti-Phishing Training.\u201d In Proceedings of the 5th Symposium on Usable Privacy and Security, 1\u201312.","DOI":"10.1145\/1572532.1572536"},{"key":"CIT0053","unstructured":"Kunke, Johannes, Stephan Wiefling, Markus Ullmann, and Luigi Lo Iacono. 2021. \u201cEvaluation of Account Recovery Strategies with FIDO2-Based Passwordless Authentication.\u201d In Open Identity Summit 2021 (OID '21). Gesellschaft f\u00fcr Informatik e.V."},{"key":"CIT0054","doi-asserted-by":"publisher","DOI":"10.1145\/2858036.2858101"},{"key":"CIT0055","unstructured":"Lassak, Leona, Annika Hildebrandt, Maximilian Golla, and Blase Ur. 2021. \u201c\u2018It's Stored, Hopefully, on an Encrypted Server\u2019: Mitigating Users' Misconceptions about FIDO2 Biometric Webauthn.\u201d In 30th USENIX Security Symposium (USENIX Security '21), 91\u2013108. USENIX Association. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/lassak."},{"key":"CIT0056","unstructured":"Lastdrager, Elmer, In\u00e9s Carvajal Gallardo, Pieter Hartel, and Marianne Junger. 2017. \u201cHow Effective is Anti-Phishing Training for Children?\u201d In Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS), 229\u2013239."},{"key":"CIT0057","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2021-0050"},{"key":"CIT0058","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00047"},{"key":"CIT0059","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2020-0037"},{"key":"CIT0060","doi-asserted-by":"publisher","DOI":"10.17265\/2159-5313\/2016.09.003"},{"key":"CIT0061","unstructured":"Marne, Sonali Tukaram, Mahdi Nasrullah, and Matthew Wright. 2017. \u201cLearning System-assigned Passwords: A Preliminary Study on the People with Learning Disabilities.\u201d In Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS)."},{"key":"CIT0062","unstructured":"McDonald, Allison, Catherine Barwulor, Michelle L. Mazurek, Florian Schaub, and Elissa M. Redmiles. 2021. \u201c\u2018It's Stressful Having All These Phones\u2019: Investigating Sex Workers' Safety Goals, Risks, and Practices Online.\u201d In 30th USENIX Security Symposium (USENIX Security 21), 375\u2013392. USENIX Association. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/mcdonald."},{"key":"CIT0063","unstructured":"Melara, Marcela S., Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman. 2015. \u201cCONIKS: Bringing Key Transparency to End Users.\u201d In 24th USENIX Security Symposium (USENIX Security 15), 383\u2013398."},{"key":"CIT0064","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2765539"},{"key":"CIT0065","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300370"},{"key":"CIT0066","unstructured":"Napoli, Daniela, Khadija Baig, Sana Maqsood, and Sonia Chiasson. 2021. \u201c\u2018I'm Literally Just Hoping This Will Work:\u2019 Obstacles Blocking the Online Security and Privacy of Users with Visual Disabilities.\u201d In Proceedings of the Seventeenth Symposium on Usable Privacy and Security (SOUPS), 263\u2013280."},{"key":"CIT0067","unstructured":"Nicholson, James, Lynne Coventry, and Pam Briggs. 2017. \u201cCan we Fight Social Engineering Attacks by Social Means? Assessing Social Salience as a Means to Improve Phish Detection.\u201d In Proceedings of the Thirteenth USENIX Conference on Usable Privacy and Security, SOUPS '17, 285\u2013298."},{"key":"CIT0068","unstructured":"Nicholson, James, Lynne Coventry, and Pam Briggs. 2018. \u201cIntroducing the Cybersurvival Task: Assessing and Addressing Staff Beliefs about Effective Cyber Protection.\u201d In Fourteenth Symposium on Usable Privacy and Security (SOUPS 2018), 443\u2013457."},{"key":"CIT0069","doi-asserted-by":"publisher","DOI":"10.1111\/j.1745-6606.2006.00070.x"},{"key":"CIT0070","doi-asserted-by":"publisher","DOI":"10.1007\/s11109-010-9112-2"},{"key":"CIT0071","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2018-0029"},{"key":"CIT0072","unstructured":"Owens, Kentrell, Olabode Anise, Amanda Krauss, and Blase Ur. 2021. \u201cUser Perceptions of the Usability and Security of Smartphones as FIDO2 Roaming Authenticators.\u201d In Seventeenth Symposium on Usable Privacy and Security (SOUPS '21), 57\u201376. USENIX Association. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/owens."},{"key":"CIT0073","first-page":"1","author":"Peer Eyal","year":"2019","journal-title":"SSRN Electronic Journal"},{"key":"CIT0074","doi-asserted-by":"crossref","unstructured":"Petelka, Justin, Yixin Zou, and Florian Schaub. 2019. \u201cPut Your Warning Where Your Link is: Improving and Evaluating Email Phishing Warnings.\u201d In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, 1\u201315.","DOI":"10.1145\/3290605.3300748"},{"key":"CIT0075","unstructured":"Pl\u00f6ger, Stephan, Mischa Meier, and Matthew Smith. 2021. \u201cA Qualitative Usability Evaluation of the Clang Static Analyzer and libFuzzer with CS Students and CTF Players.\u201d In Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021), 553\u2013572. USENIX Association. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/ploger."},{"key":"CIT0076","doi-asserted-by":"crossref","unstructured":"Pulls, Tobias, Roel Peeters, and Karel Wouters. 2013. \u201cDistributed Privacy-Preserving Transparency Logging.\u201d In Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society, 83\u201394.","DOI":"10.1145\/2517840.2517847"},{"key":"CIT0077","doi-asserted-by":"publisher","DOI":"10.1145\/3236112.3236126"},{"key":"CIT0078","doi-asserted-by":"publisher","DOI":"10.1145\/3411764.3445465"},{"key":"CIT0079","unstructured":"Renaud, Karen, Verena Zimmerman, Joseph Maguire, and Steve Draper. 2017. \u201cLessons Learned from Evaluating Eight Password Nudges in the Wild.\u201d In The LASER Workshop: Learning from Authoritative Security Experiment Results (LASER), 25\u201337. USENIX Association. https:\/\/www.usenix.org\/conference\/laser2017\/presentation\/renaud."},{"key":"CIT0080","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2020.113268"},{"key":"CIT0081","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484780"},{"key":"CIT0082","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2019.2933683"},{"key":"CIT0083","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"CIT0084","unstructured":"Sasse, M. Angela, and Awais Rashid. 2021. The Cyber Security Body of Knowledge v1.1.0, 2021. University of Bristol, Chapter Human Factors. KA Version 1.0.1. https:\/\/www.cybok.org\/."},{"key":"CIT0085","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2016.110"},{"key":"CIT0086","doi-asserted-by":"publisher","DOI":"10.1007\/s12525-019-00373-8"},{"key":"CIT0087","doi-asserted-by":"publisher","DOI":"10.24251\/HICSS.2020.479"},{"key":"CIT0088","doi-asserted-by":"publisher","DOI":"10.1109\/TVCG.2020.3028946"},{"key":"CIT0089","doi-asserted-by":"publisher","DOI":"10.1007\/s12599-021-00734-8"},{"key":"CIT0090","doi-asserted-by":"publisher","DOI":"10.1145\/3479526"},{"key":"CIT0091","unstructured":"Stransky, Christian, Dominik Wermke, Johanna Schrader, Nicolas Huaman, Yasemin Acar, Anna Lena Fehlhaber, Miranda Wei, Blase Ur, and Sascha Fahl. 2021. \u201cOn the Limited Impact of Visualizing Encryption: Perceptions of E2E Messaging Security.\u201d In Seventeenth Symposium on Usable Privacy and Security, (SOUPS), 437\u2013454."},{"key":"CIT0092","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3173774"},{"key":"CIT0093","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376768"},{"key":"CIT0094","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417882"},{"key":"CIT0095","volume-title":"Nudge: Improving Decisions about Health, Wealth, and Happiness","author":"Thaler Richard","year":"2009"},{"key":"CIT0096","doi-asserted-by":"crossref","unstructured":"Tian, Ke, Steve T. K. Jan, Hang Hu, Danfeng Yao, and Gang Wang. 2018. \u201cNeedle in a Haystack: Tracking Down Elite Phishing Domains in the Wild.\u201d In Proceedings of the Internet Measurement Conference 2018, IMC '18, 429\u2013442.","DOI":"10.1145\/3278532.3278569"},{"key":"CIT0097","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2021-0035"},{"key":"CIT0098","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2022-003"},{"key":"CIT0099","unstructured":"Ulqinaku, Enis, Hala Assal, AbdelRahman Abdou, Sonia Chiasson, and Srdjan \u010capkun. 2021. \u201cIs Real-Time Phishing Eliminated with FIDO? Social Engineering Downgrade Attacks Against FIDO Protocols.\u201d In 30th USENIX Security Symposium (USENIX Security '21), 3811\u20133828. USENIX Association. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/ulqinaku."},{"key":"CIT0100","doi-asserted-by":"publisher","DOI":"10.1145\/2858036.2858546"},{"key":"CIT0101","doi-asserted-by":"crossref","unstructured":"Verma, Rakesh, and Keith Dyer. 2015. \u201cOn the Character of Phishing URLs: Accurate and Robust Statistical Learning Classifiers.\u201d In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, CODASPY '15, 111\u2013122.","DOI":"10.1145\/2699026.2699115"},{"key":"CIT0102","unstructured":"Veys, Sophie, Daniel Serrano, Madison Stamos, Margot Herman, Nathan Reitinger, Michelle L. Mazurek, and Blase Ur. 2021. \u201cPursuing Usable and Useful Data Downloads Under GDPR\/CCPA Access Rights via Co-Design.\u201d In Proceedings of the 17th Symposium on Usable Privacy and Security (SOUPS), 217\u2013242."},{"key":"CIT0103","volume-title":"Information Visualization: Perception for Design","author":"Ware Colin.","year":"2012","edition":"3"},{"key":"CIT0104","unstructured":"Wash, Rick, Norbert Nthala, and Emilee Rader. 2021. \u201cKnowledge and Capabilities that Non-Expert Users Bring to Phishing Detection.\u201d In Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021), 377\u2013396. USENIX Association. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/wash."},{"key":"CIT0105","doi-asserted-by":"publisher","DOI":"10.1007\/s12599-016-0453-1"},{"key":"CIT0106","unstructured":"Whitten, Alma, and J. Doug Tygar. 1999. \u201cWhy Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0.\u201d In Proceedings of the 8th USENIX Security Symposium (USENIX Security '99), Vol. 348. https:\/\/www.usenix.org\/legacy\/events\/sec99\/whitten.html."},{"key":"CIT0107","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427243"},{"key":"CIT0108","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-58201-2_19"},{"key":"CIT0109","unstructured":"Wu, Justin., and Daniel Zappala. 2018. \u201cWhen Is a Tree Really a Truck? Exploring Mental Models of Encryption.\u201d In Proceedings of the 14th Symposium on Usable Privacy and Security (SOUPS). 395\u2013409."},{"key":"CIT0110","doi-asserted-by":"publisher","DOI":"10.1145\/3274469"},{"key":"CIT0111","doi-asserted-by":"publisher","DOI":"10.18420\/muc2018-ws08-0539"},{"key":"CIT0112","doi-asserted-by":"publisher","DOI":"10.1145\/304851.304859"}],"container-title":["Behaviour &amp; Information Technology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.tandfonline.com\/doi\/pdf\/10.1080\/0144929X.2022.2080908","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,17]],"date-time":"2022-09-17T07:11:31Z","timestamp":1663398691000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.tandfonline.com\/doi\/full\/10.1080\/0144929X.2022.2080908"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,2]]},"references-count":112,"journal-issue":{"issue":"10","published-print":{"date-parts":[[2022,7,27]]}},"alternative-id":["10.1080\/0144929X.2022.2080908"],"URL":"https:\/\/doi.org\/10.1080\/0144929x.2022.2080908","relation":{},"ISSN":["0144-929X","1362-3001"],"issn-type":[{"value":"0144-929X","type":"print"},{"value":"1362-3001","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,6,2]]},"assertion":[{"value":"The publishing and review policy for this title is described in its Aims & Scope.","order":1,"name":"peerreview_statement","label":"Peer Review Statement"},{"value":"http:\/\/www.tandfonline.com\/action\/journalInformation?show=aimsScope&journalCode=tbit20","URL":"http:\/\/www.tandfonline.com\/action\/journalInformation?show=aimsScope&journalCode=tbit20","order":2,"name":"aims_and_scope_url","label":"Aim & Scope"},{"value":"2022-06-02","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}