Rich Shay

rich at richshay dot com
richshay.com
Pittsburgh, PA

Sample App

Education

Carnegie Mellon, Pittsburgh, PA
Ph.D. Student, School of Computer Science, 2009 - present
Doctoral student in Computation, Organizations, and Society
Advisor: Lorrie Faith Cranor
Masters degree in Computation, Organizations, and Society, 2011
IGERT/CyLab Usable Privacy and Security (CUPS) Doctoral Training Program
Funded by NSF 2010-2011
GPA: 3.9

Purdue University, West Lafayette, IN
Master of Science in Computer Science, 2007
Upsilon Pi Epsilon, International Honor Society for the Computing Sciences
GPA: 3.75

Brown University, Providence, RI
A.B. in Computer Science and Classics, 2003
GTE Corporation Merit Scholarship
Graduated Magna cum Laude and with honors in classics
GPA: 3.9

Thayer Academy, Braintree, MA
High School, 1999
Senior Class President
Cum Laude Society
GPA: 3.92

Professional Experience

Google, 2013 (Summer)
Intern, Mountain View, CA
Examined how people perceived and understood online account hijacking.

Abine, 2012 (Summer)
Intern, Boston, MA
Collaborated with a team to develop privacy-enhancing software. Conducted usability testing both remotely and in person.

Web Development Consultant, 2008-2009
Designed and created websites

Massachusetts Office of the Inspector General, 2003-2004
Intern, Boston, MA
Redesigned and implemented database system used to record the Office's cases
Researched, wrote, and edited documents disseminated by the Office

BBN Technologies, 2001, 2002 (Summers)
Intern, Cambridge, MA
Designed and implemented graphical interfaces for internal research projects on network security
Named 2001 Verizon Northeast Region Internet of the Year

GTE/Verizon Labs, 1999, 2000 (Summers)
Senior Technician, Waltham, MA
Designed, coded, and tested a graphical interface for Verizon customer website

Teaching Experience

Information Security and Privacy
Teaching Assistant for Norman Sadeh, Fall 2012
Duties included assisting with determining course content, giving a lecture, and grading the exams, assignment, and class project.

Usable Privacy and Security
Teaching Assistant for Lorrie Faith Cranor, Fall 2011
Duties included grading weekly homework assignments, helping to determine the lesson plan, presenting two lectures, and meeting students outside of the classroom to discuss homework and the class project.

Publications

Conference Papers

My Religious Aunt Asked Why I Was Trying to Sell Her Viagra: Experiences with Account Hijacking. CHI 2014. (Richard Shay, Iulia Ion, Robert W. Reeder, Sunny Consolvo)

Can Long Passwords be Secure and Usable?. CHI 2014. (Richard Shay, Saranga Komanduri, Adam L. Durity, Phillip (Seyoung) Huh, Michelle L Mazurek, Sean M. Segreti, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor)

Measuring Password Guessability for an Entire University. CCS 2013. (Michelle Mazurek, Saranga Komanduri, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Richard Shay, Blase Ur)

What Matters to Users? Factors that Affect Users' Willingness to Share Information with Online Advertisers. SOUPS 2013. (Pedro G. Leon, Blase Ur, Yang Wang, Manya Sleeper, Rebecca Balebako, Richard Shay, Lujo Bauer, Mihai Christodorescu, Lorrie Faith Cranor)

The Impact of Length and Mathematical Operators on the Usability and Security of System-Assigned One-Time PINs. USEC 2013. (Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor)

How does your password measure up? The effect of strength meters on password creation. USENIX 2012. (Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor)

Guess Again (and again and again): Measuring password strength by simulating password-cracking algorithms. Oakland 2012. (Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Julio Lopez)

Correct horse battery staple: Exploring the usability of system-assigned passphrases. SOUPS 2012. (Richard Shay, Patrick Gage Kelley, Saranga Komanduri, Michelle Mazurek, Blase Ur, Timothy Vidas, Lujo Bauer, Nicholas Christin, Lorrie Faith Cranor)

Smart, Useful, Scary, Creepy: Perceptions of Online Bebahavioral Advertising. SOUPS 2012. (Blase Ur, Pedro G. Leon, Lorrie Faith Cranor, Richard Shay, Yang Wang)

Why Johnny Can't Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising. CHI 2012. (Pedro Leon, Blase Ur, Rebecca Balebako, Lorrie Faith Cranor, Richard Shay, and Yang Wang)

Exploring Reactive Access Control. CHI 2011. (Michelle Mazurek, Peter Klemperer, Richard Shay, Hassan Takabi, Lujo Bauer, and Lorrie Faith Cranor)

Of Passwords and People: Measuring the Effect of Password-Composition Policies. CHI 2011. (Saranga Komanduri, Richard Shay, Patrick Gage Kelley, Michelle Mazurek, Lujo Bauer, Nicholas Christin, Lorrie Faith Cranor, and Serge Egelman)

Encountering Stronger Password Requirements: User Attitudes and Behaviors. SOUPS 2010. (Richard Shay, Saranga Komanduri, Patrick Gage Kelley, Pedro Leon, Michelle Mazurek, Lujo Bauer, Nicholas Christin, and Lorrie Faith Cranor)

Access Control for Home Data Sharing: Attitudes, Needs and Practices. CHI 2010. (Michelle Mazurek, J.P. Arsenault, Joanna Bresee, Nitin Gupta, Iulia Ion, Christina Johns, Daniel Lee, Yuan Liang, Jenny Olsen, Brandon Salmon, Richard Shay, Kami Vaniea, Lujo Bauer, Lorrie Faith Cranor, Gregory R. Ganger, and Michael K. Reiter)

Journal Papers

AdChoices? Compliance with Online Behavioral Advertising Notice and Choice Requirements. I/S: A Journal of Law and Policy for the Information Society 2012. (Saranga Komanduri, Richard Shay, Greg Norcie, Blase Ur, and Lorrie Faith Cranor)

A Comprehensive Simulation Tool for the Analysis of Password Policies. International Journal of Information Security 2009. (Richard Shay and Elisa Bertino)

Workshop Papers

Measuring the Effectiveness of Privacy Tools for Limiting Behavioral Advertising. W2SP 2012. (Rebecca Balebako, Pedro Leon, Richard Shay, Blase Ur, and Lorrie Faith Cranor)

Password Policy Simulation and Analysis. DIM 2007. (Richard Shay, Abhilasha Bhargav-Spantzel, and Elisa Bertio)

Magazine Articles

CyLab Usable Privacy and Security Laboratory. ACM XRDS Magazine 2013. (Rich Shay)

Helping Users Create Better Passwords . USENIX ;login: Magazine 2012. (Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle L. Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Julio López)

Posters

The Art of Password Creation. Oakland 2013. (Blase Ur, Saranga Komanduri, Richard Shay, Stephanos Matsumoto, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Michelle L. Mazurek, Timothy Vidas)

Exploring Reactive Access Control. CHI 2010. (Richard Shay, Michelle Mazurek, Peter Klemperer, and Hassan Takabi)

Undergraduate Thesis

Jesus and Hierarchy. Brown University Senior Thesis 2003. (Richard Shay)

Hobbies and Interests

I am a professional Magic: the Gathering player. I have been playing since 1997, and have attended several Pro-Tours. I have written several articles on Magic that have been published online.

I enjoy playing board games. I am the former New England champion in Agricola, Power Grid, Dominion, and Notre Dame.

I am interested in ancient Greek and Roman philosophy, especially the works of Plato.

I am a native English speaker. I have been proficient at reading Latin, but am rusty. I have proficiency with Ruby, Rails, Java, C, C++, and LaTeX. I have experience with SQL and Perl.