Hide Notes 

Slide 1: SECURITYCENTERED DESIGN Chris Shiflett shiflett.org @shiflett
Slide 2: Who am I? Web aficionado, author, blogger, soccer player, bike rider, beer drinker, music lover, Brooklynite.
Slide 3: TALK OUTLINE Cognitive Psychology – Ambient Signifiers, Change Blindness Authentication & Phishing – Password Anti-Pattern, Facebook Connect, OAuth Examples – SmugMug Privacy, Facebook Worm, Twitter Don’t Click
Slide 4: DO YOUR USERS FEEL SECURE?
Slide 5: Pave the cow paths. Accommodate users’ expectations and tendencies; don’t try to modify them.
Slide 6: AMBIENT SIGNIFIERS
Slide 7: Tokyo Subway
Slide 8: Ambient Umbrella
Slide 9: Ambient SSL
Slide 10: Login Seals
Slide 11: CHANGE BLINDNESS
Slide 13: STOP
Slide 14: STOP Hammertime
Slide 20: PASSWORD ANTI-PATTERN
Slide 25: FACEBOOK CONNECT
Slide 29: OAUTH http://oauth.net/ OPENID http://openid.net/
Slide 30: SMUGMUG PRIVACY
Slide 33: Be Humble
Slide 34: FACEBOOK WORM
Slide 37: TWITTER DON’T CLICK
Slide 42: RELATED POSTS Security and User Experience – http://shiflett.org/blog/2008/jan/security-and-user-experience Ambient Signifiers – http://shiflett.org/blog/2007/feb/ambient-signifiers Facebook Worm – http://shiflett.org/blog/2008/nov/facebook-worm Twitter Don’t Click Exploit – http://shiflett.org/blog/2009/feb/twitter-dont-click-exploit
Slide 43: PHOTOS Tree – http://flickr.com/photos/stuckincustoms/529110230 Cow path – http://flickr.com/photos/suda/672714986 My backyard – http://flickr.com/photos/shiflett/3261447115
Slide 44: FEEDBACK? Follow me on Twitter – @shiflett Comment on my blog – shiflett.org Email me – chris@shiflett.org