@inproceedings{47299,
  author       = {{Krause, Alexander and Klemmer, Jan H. and Huaman, Nicolas and Wermke, Dominik and Acar, Yasemin and Fahl, Sascha}},
  booktitle    = {{32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023}},
  editor       = {{Calandrino, Joseph A. and Troncoso, Carmela}},
  publisher    = {{USENIX Association}},
  title        = {{{Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories}}},
  year         = {{2023}},
}

@inproceedings{47310,
  author       = {{Fourné, Marcel and Wermke, Dominik and Enck, William and Fahl, Sascha and Acar, Yasemin}},
  booktitle    = {{44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023}},
  pages        = {{1527–1544}},
  publisher    = {{IEEE}},
  title        = {{{It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security}}},
  doi          = {{10.1109/SP46215.2023.10179320}},
  year         = {{2023}},
}

@inproceedings{47311,
  author       = {{Munyendo, Collins W. and Acar, Yasemin and Aviv, Adam J.}},
  booktitle    = {{44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023}},
  pages        = {{570–587}},
  publisher    = {{IEEE}},
  title        = {{{"In Eighty Percent of the Cases, I Select the Password for Them": Security and Privacy Challenges, Advice, and Opportunities at Cybercafes in Kenya}}},
  doi          = {{10.1109/SP46215.2023.10179410}},
  year         = {{2023}},
}

@inproceedings{47303,
  author       = {{Keküllüoglu, Dilara and Acar, Yasemin}},
  booktitle    = {{44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023}},
  pages        = {{2015–2031}},
  publisher    = {{IEEE}},
  title        = {{{"We are a startup to the core": A qualitative interview study on the security and privacy development practices in Turkish software startups}}},
  doi          = {{10.1109/SP46215.2023.10179339}},
  year         = {{2023}},
}

@article{47296,
  author       = {{Kohno, Tadayoshi and Acar, Yasemin and Loh, Wulf}},
  journal      = {{CoRR}},
  title        = {{{Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations}}},
  doi          = {{10.48550/arXiv.2302.14326}},
  volume       = {{abs/2302.14326}},
  year         = {{2023}},
}

@inproceedings{47305,
  author       = {{Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Acar, Yasemin and Fahl, Sascha}},
  booktitle    = {{Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023}},
  editor       = {{Kelley, Patrick Gage and Kapadia, Apu}},
  pages        = {{171–190}},
  publisher    = {{USENIX Association}},
  title        = {{{"Would You Give the Same Priority to the Bank and a Game? I Do Not!" Exploring Credential Management Strategies and Obstacles during Password Manager Setup}}},
  year         = {{2023}},
}

@inproceedings{47301,
  author       = {{Höltervennhoff, Sandra and Klostermeyer, Philip and Wöhler, Noah and Acar, Yasemin and Fahl, Sascha}},
  booktitle    = {{32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023}},
  editor       = {{Calandrino, Joseph A. and Troncoso, Carmela}},
  publisher    = {{USENIX Association}},
  title        = {{{"I wouldn’t want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust}}},
  year         = {{2023}},
}

@inproceedings{47298,
  author       = {{Mink, Jaron and Kaur, Harjot and Schmüser, Juliane and Fahl, Sascha and Acar, Yasemin}},
  booktitle    = {{32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023}},
  editor       = {{Calandrino, Joseph A. and Troncoso, Carmela}},
  publisher    = {{USENIX Association}},
  title        = {{{"Security is not my field, I’m a stats guy": A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry}}},
  year         = {{2023}},
}

@inproceedings{47842,
  author       = {{Fourné, Marcel and Wermke, Dominik and Enck, William and Fahl, Sascha and Acar, Yasemin}},
  booktitle    = {{2023 IEEE Symposium on Security and Privacy (SP)}},
  publisher    = {{IEEE}},
  title        = {{{It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security}}},
  doi          = {{10.1109/sp46215.2023.10179320}},
  year         = {{2023}},
}

@article{47295,
  author       = {{Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Krause, Alexander and Simko, Lucy and Acar, Yasemin and Fahl, Sascha}},
  journal      = {{CoRR}},
  title        = {{{Lost and not Found: An Investigation of Recovery Methods for Multi-Factor Authentication}}},
  doi          = {{10.48550/arXiv.2306.09708}},
  volume       = {{abs/2306.09708}},
  year         = {{2023}},
}

@article{47294,
  author       = {{Tran, Mindy and Acar, Yasemin and Cucker, Michel and Enck, William and Kapravelos, Alexandros and Kästner, Christian and Williams, Laurie A.}},
  journal      = {{CoRR}},
  title        = {{{S3C2 Summit 2202-09: Industry Secure Suppy Chain Summit}}},
  doi          = {{10.48550/arXiv.2307.15642}},
  volume       = {{abs/2307.15642}},
  year         = {{2023}},
}

@article{47293,
  author       = {{Dunlap, Trevor and Acar, Yasemin and Cucker, Michel and Enck, William and Kapravelos, Alexandros and Kästner, Christian and Williams, Laurie A.}},
  journal      = {{CoRR}},
  title        = {{{S3C2 Summit 2023-02: Industry Secure Supply Chain Summit}}},
  doi          = {{10.48550/arXiv.2307.16557}},
  volume       = {{abs/2307.16557}},
  year         = {{2023}},
}

@article{47292,
  author       = {{Enck, William and Acar, Yasemin and Cukier, Michel and Kapravelos, Alexandros and Kästner, Christian and Williams, Laurie A.}},
  journal      = {{CoRR}},
  title        = {{{S3C2 Summit 2023-06: Government Secure Supply Chain Summit}}},
  doi          = {{10.48550/arXiv.2308.06850}},
  volume       = {{abs/2308.06850}},
  year         = {{2023}},
}

@inproceedings{47300,
  author       = {{Kohno, Tadayoshi and Acar, Yasemin and Loh, Wulf}},
  booktitle    = {{32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023}},
  editor       = {{Calandrino, Joseph A. and Troncoso, Carmela}},
  publisher    = {{USENIX Association}},
  title        = {{{Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations}}},
  year         = {{2023}},
}

@inproceedings{47312,
  author       = {{Neil, Lorenzo and Sri Ramulu, Harshini and Acar, Yasemin and Reaves, Bradley}},
  booktitle    = {{Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023}},
  pages        = {{283–299}},
  publisher    = {{USENIX Association}},
  title        = {{{Who Comes Up with this Stuff? Interviewing Authors to Understand How They Produce Security Advice}}},
  year         = {{2023}},
}

@article{47291,
  author       = {{Klemmer, Jan H. and Gutfleisch, Marco and Stransky, Christian and Acar, Yasemin and Sasse, M. Angela and Fahl, Sascha}},
  journal      = {{CoRR}},
  title        = {{{"Make Them Change it Every Week!": A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication}}},
  doi          = {{10.48550/arXiv.2309.00744}},
  volume       = {{abs/2309.00744}},
  year         = {{2023}},
}

@inproceedings{53362,
  author       = {{Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Krause, Alexander and Simko, Lucy and Acar, Yasemin and Fahl, Sascha}},
  booktitle    = {{Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, November 26-30, 2023}},
  editor       = {{Meng, Weizhi and Jensen, Christian Damsgaard and Cremers, Cas and Kirda, Engin}},
  pages        = {{3138–3152}},
  publisher    = {{ACM}},
  title        = {{{"We’ve Disabled MFA for You": An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments}}},
  doi          = {{10.1145/3576915.3623180}},
  year         = {{2023}},
}

@inproceedings{49438,
  author       = {{Krüger, Stefan and Reif, Michael and Wickert, Anna-Katharina and Nadi, Sarah and Ali, Karim and Bodden, Eric and Acar, Yasemin and Mezini, Mira and Fahl, Sascha}},
  booktitle    = {{2023 IEEE Secure Development Conference (SecDev)}},
  publisher    = {{IEEE}},
  title        = {{{Securing Your Crypto-API Usage Through Tool Support - A Usability Study}}},
  doi          = {{10.1109/secdev56634.2023.00015}},
  year         = {{2023}},
}

@article{53368,
  author       = {{Fourné, Marcel and Wermke, Dominik and Fahl, Sascha and Acar, Yasemin}},
  journal      = {{IEEE Security & Privacy}},
  number       = {{6}},
  pages        = {{59–63}},
  publisher    = {{IEEE}},
  title        = {{{A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda}}},
  volume       = {{21}},
  year         = {{2023}},
}

@inproceedings{53366,
  author       = {{Tran, Mindy and Munyendo, Collins W and Sri Ramulu, Harshini and Rodriguez, Rachel Gonzalez and Schnell, Luisa Ball and Sula, Cora and Simko, Lucy and Acar, Yasemin}},
  booktitle    = {{2024 IEEE Symposium on Security and Privacy (SP)}},
  pages        = {{4–4}},
  title        = {{{Security, Privacy, and Data-sharing Trade-offs When Moving to the United States: Insights from a Qualitative Study}}},
  year         = {{2023}},
}