{"id":"https://openalex.org/W4281704435","doi":"https://doi.org/10.1080/0144929x.2022.2080908","title":"A quarter century of usable security and privacy research: transparency, tailorability, and the road ahead","display_name":"A quarter century of usable security and privacy research: transparency, tailorability, and the road ahead","publication_year":2022,"publication_date":"2022-06-02","ids":{"openalex":"https://openalex.org/W4281704435","doi":"https://doi.org/10.1080/0144929x.2022.2080908"},"language":"en","primary_location":{"id":"doi:10.1080/0144929x.2022.2080908","is_oa":true,"landing_page_url":"https://doi.org/10.1080/0144929x.2022.2080908","pdf_url":"https://www.tandfonline.com/doi/pdf/10.1080/0144929X.2022.2080908?needAccess=true","source":{"id":"https://openalex.org/S123849098","display_name":"Behaviour and Information Technology","issn_l":"0144-929X","issn":["0144-929X","1362-3001"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Behaviour &amp; Information Technology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://www.tandfonline.com/doi/pdf/10.1080/0144929X.2022.2080908?needAccess=true","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026464027","display_name":"Christian Reuter","orcid":"https://orcid.org/0000-0003-1920-038X"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technische Universit\u00e4t Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Christian Reuter","raw_affiliation_strings":["Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt, Darmstadt, Hessen, Germany"],"affiliations":[{"raw_affiliation_string":"Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt, Darmstadt, Hessen, Germany","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037591969","display_name":"Luigi Lo Iacono","orcid":"https://orcid.org/0000-0002-7863-0622"},"institutions":[{"id":"https://openalex.org/I155417937","display_name":"Hochschule Bonn-Rhein-Sieg","ror":"https://ror.org/04m2anh63","country_code":"DE","type":"education","lineage":["https://openalex.org/I155417937"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Luigi Lo Iacono","raw_affiliation_strings":["Cyber Security and Privacy, Hochschule Bonn-Rhein-Sieg University of Applied Sciences, Sankt Augustin Germany"],"affiliations":[{"raw_affiliation_string":"Cyber Security and Privacy, Hochschule Bonn-Rhein-Sieg University of Applied Sciences, Sankt Augustin Germany","institution_ids":["https://openalex.org/I155417937"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082912598","display_name":"Alexander Benlian","orcid":"https://orcid.org/0000-0002-7294-3097"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technische Universit\u00e4t Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Alexander Benlian","raw_affiliation_strings":["Information Systems & E-Services, Technical University of Darmstadt, Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Information Systems & E-Services, Technical University of Darmstadt, Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5026464027"],"corresponding_institution_ids":["https://openalex.org/I31512782"],"apc_list":null,"apc_paid":null,"fwci":10.2845,"has_fulltext":false,"cited_by_count":27,"citation_normalized_percentile":{"value":0.98052877,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"41","issue":"10","first_page":"2035","last_page":"2048"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9890000224113464,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.986299991607666,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/transparency","display_name":"Transparency (behavior)","score":0.7503323554992676},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.6116477251052856},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.5921434164047241},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5449312329292297},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.5298331379890442},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5238394737243652},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.46595460176467896},{"id":"https://openalex.org/keywords/privacy-by-design","display_name":"Privacy by Design","score":0.4438513517379761},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.18580764532089233}],"concepts":[{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.7503323554992676},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.6116477251052856},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5921434164047241},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5449312329292297},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.5298331379890442},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5238394737243652},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.46595460176467896},{"id":"https://openalex.org/C193934123","wikidata":"https://www.wikidata.org/wiki/Q7246028","display_name":"Privacy by Design","level":3,"score":0.4438513517379761},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.18580764532089233}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1080/0144929x.2022.2080908","is_oa":true,"landing_page_url":"https://doi.org/10.1080/0144929x.2022.2080908","pdf_url":"https://www.tandfonline.com/doi/pdf/10.1080/0144929X.2022.2080908?needAccess=true","source":{"id":"https://openalex.org/S123849098","display_name":"Behaviour and Information Technology","issn_l":"0144-929X","issn":["0144-929X","1362-3001"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Behaviour &amp; Information Technology","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:dar:wpaper:132897","is_oa":false,"landing_page_url":"https://www.tandfonline.com/doi/full/10.1080/0144929X.2022.2080908","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"preprint"},{"id":"pmh:oai:RePEc:taf:tbitxx:v:41:y:2022:i:10:p:2035-2048","is_oa":false,"landing_page_url":"http://hdl.handle.net/10.1080/0144929X.2022.2080908","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},{"id":"pmh:oai:pub.h-brs.de:6267","is_oa":false,"landing_page_url":"https://pub.h-brs.de/frontdoor/index/index/docId/6267","pdf_url":null,"source":{"id":"https://openalex.org/S4306400385","display_name":"Publication Server of Bonn-Rhein-Sieg University of Applied Sciences (Bonn-Rhein-Sieg University of Applied Sciences)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I135140700","host_organization_name":"University of Bonn","host_organization_lineage":["https://openalex.org/I135140700"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ISSN 0144-929X","raw_type":"doc-type:article"}],"best_oa_location":{"id":"doi:10.1080/0144929x.2022.2080908","is_oa":true,"landing_page_url":"https://doi.org/10.1080/0144929x.2022.2080908","pdf_url":"https://www.tandfonline.com/doi/pdf/10.1080/0144929X.2022.2080908?needAccess=true","source":{"id":"https://openalex.org/S123849098","display_name":"Behaviour and Information Technology","issn_l":"0144-929X","issn":["0144-929X","1362-3001"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Behaviour &amp; Information Technology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"},{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"},{"id":"https://openalex.org/F4320321147","display_name":"Ministry of Higher Education","ror":"https://ror.org/0512bh102"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4281704435.pdf","grobid_xml":"https://content.openalex.org/works/W4281704435.grobid-xml"},"referenced_works_count":100,"referenced_works":["https://openalex.org/W102427107","https://openalex.org/W1481908410","https://openalex.org/W1498728415","https://openalex.org/W1823329909","https://openalex.org/W1985555704","https://openalex.org/W1989957782","https://openalex.org/W1991246983","https://openalex.org/W2005306186","https://openalex.org/W2028171449","https://openalex.org/W2037202491","https://openalex.org/W2046653306","https://openalex.org/W2046810302","https://openalex.org/W2046875106","https://openalex.org/W2061831106","https://openalex.org/W2095881341","https://openalex.org/W2132553681","https://openalex.org/W2143953012","https://openalex.org/W2157597875","https://openalex.org/W2207884471","https://openalex.org/W2211083916","https://openalex.org/W2323628904","https://openalex.org/W2329226491","https://openalex.org/W2394619600","https://openalex.org/W2398042895","https://openalex.org/W2403232321","https://openalex.org/W2403516514","https://openalex.org/W2507353024","https://openalex.org/W2541261609","https://openalex.org/W2541640915","https://openalex.org/W2567289819","https://openalex.org/W2626178213","https://openalex.org/W2740448455","https://openalex.org/W2741872938","https://openalex.org/W2743753426","https://openalex.org/W2746002892","https://openalex.org/W2765871243","https://openalex.org/W2795530988","https://openalex.org/W2796071975","https://openalex.org/W2798247400","https://openalex.org/W2802769858","https://openalex.org/W2888990453","https://openalex.org/W2889247751","https://openalex.org/W2889431301","https://openalex.org/W2889461760","https://openalex.org/W2896396724","https://openalex.org/W2902942389","https://openalex.org/W2909986196","https://openalex.org/W2935724797","https://openalex.org/W2940466285","https://openalex.org/W2941211423","https://openalex.org/W2942073295","https://openalex.org/W2942101457","https://openalex.org/W2964671672","https://openalex.org/W2966439658","https://openalex.org/W2969836291","https://openalex.org/W2969944759","https://openalex.org/W2970983524","https://openalex.org/W2981462416","https://openalex.org/W2982321410","https://openalex.org/W2989794528","https://openalex.org/W2995352153","https://openalex.org/W3005881408","https://openalex.org/W3015349823","https://openalex.org/W3032791547","https://openalex.org/W3068296915","https://openalex.org/W3080472464","https://openalex.org/W3090113120","https://openalex.org/W3094101882","https://openalex.org/W3095314735","https://openalex.org/W3097070698","https://openalex.org/W3097523736","https://openalex.org/W3103908128","https://openalex.org/W3105350924","https://openalex.org/W3112829444","https://openalex.org/W3123910219","https://openalex.org/W3146533344","https://openalex.org/W3159130187","https://openalex.org/W3159723174","https://openalex.org/W3160992782","https://openalex.org/W3161163131","https://openalex.org/W3163432641","https://openalex.org/W3178006137","https://openalex.org/W3187465387","https://openalex.org/W3190104128","https://openalex.org/W3190536237","https://openalex.org/W3191216444","https://openalex.org/W3191376370","https://openalex.org/W3192963099","https://openalex.org/W3193501489","https://openalex.org/W3195856402","https://openalex.org/W3196181593","https://openalex.org/W3196953985","https://openalex.org/W3205858893","https://openalex.org/W3208610766","https://openalex.org/W3217449850","https://openalex.org/W4200194124","https://openalex.org/W4210877703","https://openalex.org/W4213029239","https://openalex.org/W6607425584","https://openalex.org/W6677548862"],"related_works":["https://openalex.org/W2146270836","https://openalex.org/W2101582069","https://openalex.org/W2994243660","https://openalex.org/W3091445850","https://openalex.org/W2675231964","https://openalex.org/W2118333568","https://openalex.org/W2747442008","https://openalex.org/W2127814706","https://openalex.org/W315296216","https://openalex.org/W2549995367"],"abstract_inverted_index":{"In":[0],"the":[1,22,35,46,57,138,150,206],"last":[2],"decades,":[3],"research":[4,47,139,148,222],"has":[5],"shown":[6],"that":[7],"both":[8,74],"technical":[9],"solutions":[10],"and":[11,19,41,52,55,62,76,98,101,145,152,205,227],"user":[12,80,155],"perceptions":[13],"are":[14,82],"important":[15],"to":[16,32,59,64,73,95,104,110,168,213],"improve":[17],"security":[18,51,99,128],"privacy":[20,75,97,170,186],"in":[21,34,67,141,172,194],"digital":[23],"realm.":[24],"The":[25],"field":[26,48,140],"of":[27,49,89,137,154,174],"\u2018usable":[28],"security\u2019":[29],"already":[30],"started":[31],"emerge":[33],"mid-90s,":[36],"primarily":[37],"focussed":[38],"on":[39,149,158,178,188,224],"password":[40],"email":[42],"security.":[43,77],"Later":[44],"on,":[45],"\u201dusable":[50],"privacy\u201d":[53],"evolved":[54],"broadened":[56],"aim":[58],"design":[60],"concepts":[61],"tools":[63],"assist":[65],"users":[66],"enhancing":[68],"their":[69],"behaviour":[70],"with":[71,166,220],"regard":[72,167],"Nevertheless,":[78],"many":[79],"interventions":[81],"not":[83,102],"as":[84,86,120,196,198],"effective":[85],"desired.":[87],"Because":[88],"highly":[90],"diverse":[91],"usage":[92],"contexts,":[93],"leading":[94],"different":[96],"requirements":[100],"always":[103],"one-size-fits-all":[105],"approaches,":[106],"tailorability":[107,153],"is":[108,116],"necessary":[109],"address":[111],"this":[112,160],"issue.":[113],"Furthermore,":[114],"transparency":[115,151,226],"a":[117,134],"crucial":[118],"requirement,":[119],"providing":[121],"comprehensible":[122],"information":[123],"may":[124],"counter":[125],"reactance":[126],"towards":[127],"interventions.":[129,156],"This":[130,217],"article":[131,161,218],"first":[132,143],"provides":[133],"brief":[135],"history":[136],"its":[142],"quarter-century":[144],"then":[146,162],"highlights":[147],"Based":[157],"this,":[159],"presents":[163],"six":[164],"contributions":[165],"(1)":[169],"concerns":[171],"times":[173],"COVID-19,":[175],"(2)":[176],"authentication":[177],"mobile":[179],"devices,":[180],"(3)":[181],"GDPR-compliant":[182],"data":[183,191,202,210],"management,":[184],"(4)":[185],"notices":[187],"websites,":[189],"(5)":[190],"disclosure":[192],"scenarios":[193],"agriculture,":[195],"well":[197],"(6)":[199],"rights":[200],"under":[201],"protection":[203],"law":[204],"concrete":[207],"process":[208],"should":[209],"subjects":[211],"want":[212],"claim":[214],"those":[215],"rights.":[216],"concludes":[219],"several":[221],"directions":[223],"user-centred":[225],"tailorability.":[228]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":2}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}