Making SSL Warnings Work - Improving Security and User Experience

Making SSL Warnings Work - Improving Security and User Experience

OWASP Foundation via YouTube Direct link

Your connection is not private. Attackers might be trying to steal your information from www.irs.gov (for example, passwords, messages, or credit cards).

8 of 11

8 of 11

Your connection is not private. Attackers might be trying to steal your information from www.irs.gov (for example, passwords, messages, or credit cards).

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Making SSL Warnings Work - Improving Security and User Experience

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Improving SSL warnings Adrienne Porter Felt Chrome security team
  2. 2 How can browsers stop crying wolf?
  3. 3 Traffic shaping
  4. 4 define, identify
  5. 5 How do we explain this to users?
  6. 6 Threat source: the attacker is on the network, not a malicious website
  7. 7 False positives: be more concerned about errors on well-regarded sites
  8. 8 Your connection is not private. Attackers might be trying to steal your information from www.irs.gov (for example, passwords, messages, or credit cards).
  9. 9 Clear instruction Attractive preferred choice Unattractive other choice
  10. 10 Opinionated design works where text fails
  11. 11 TODO LIST • Warn only when under attack • Users understand warnings e Users follow warning advice

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.