rich at richshay dot com
Ph.D. Student, School of Computer Science, 2009 - present
Doctoral student in Computation, Organizations, and Society
Advisor: Lorrie Faith Cranor
Masters degree in Computation, Organizations, and Society, 2011
IGERT/CyLab Usable Privacy and Security (CUPS) Doctoral Training Program
Funded by NSF 2010-2011
High School, 1999
Senior Class President
Cum Laude Society
Intern, Mountain View, CA
Examined how people perceived and understood online account hijacking.
Intern, Boston, MA
Collaborated with a team to develop privacy-enhancing software. Conducted usability testing both remotely and in person.
Web Development Consultant,
Designed and created websites
Massachusetts Office of the Inspector General,
Intern, Boston, MA
Redesigned and implemented database system used to record the Office's cases
Researched, wrote, and edited documents disseminated by the Office
2001, 2002 (Summers)
Intern, Cambridge, MA
Designed and implemented graphical interfaces for internal research projects on network security
Named 2001 Verizon Northeast Region Internet of the Year
1999, 2000 (Summers)
Senior Technician, Waltham, MA
Designed, coded, and tested a graphical interface for Verizon customer website
Information Security and Privacy
Teaching Assistant for Norman Sadeh, Fall 2012
Duties included assisting with determining course content, giving a lecture, and grading the exams, assignment, and class project.
Usable Privacy and Security
Teaching Assistant for Lorrie Faith Cranor, Fall 2011
Duties included grading weekly homework assignments, helping to determine the lesson plan, presenting two lectures, and meeting students outside of the classroom to discuss homework and the class project.
Telepathwords: Preventing Weak Passwords by Reading Users' Minds. USENIX 2014. (Saranga Komanduri, Richard Shay, Lorrie Faith Cranor, Cormac Herley, and Stuart Schechter)
Can Long Passwords be Secure and Usable?. CHI 2014. (Richard Shay, Saranga Komanduri, Adam L. Durity, Phillip (Seyoung) Huh, Michelle L Mazurek, Sean M. Segreti, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor)
My Religious Aunt Asked Why I Was Trying to Sell Her Viagra: Experiences with Account Hijacking. CHI 2014. (Richard Shay, Iulia Ion, Robert W. Reeder, Sunny Consolvo)
Measuring Password Guessability for an Entire University. CCS 2013. (Michelle Mazurek, Saranga Komanduri, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Richard Shay, Blase Ur)
What Matters to Users? Factors that Affect Users' Willingness to Share Information with Online Advertisers. SOUPS 2013. (Pedro G. Leon, Blase Ur, Yang Wang, Manya Sleeper, Rebecca Balebako, Richard Shay, Lujo Bauer, Mihai Christodorescu, Lorrie Faith Cranor)
The Impact of Length and Mathematical Operators on the Usability and Security of System-Assigned One-Time PINs. USEC 2013. (Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor)
How does your password measure up? The effect of strength meters on password creation. USENIX 2012. (Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor)
Guess Again (and again and again): Measuring password strength by simulating password-cracking algorithms. Oakland 2012. (Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Julio Lopez)
Smart, Useful, Scary, Creepy: Perceptions of Online Bebahavioral Advertising. SOUPS 2012. (Blase Ur, Pedro G. Leon, Lorrie Faith Cranor, Richard Shay, Yang Wang)
Correct horse battery staple: Exploring the usability of system-assigned passphrases. SOUPS 2012. (Richard Shay, Patrick Gage Kelley, Saranga Komanduri, Michelle Mazurek, Blase Ur, Timothy Vidas, Lujo Bauer, Nicholas Christin, Lorrie Faith Cranor)
Why Johnny Can't Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising. CHI 2012. (Pedro Leon, Blase Ur, Rebecca Balebako, Lorrie Faith Cranor, Richard Shay, and Yang Wang)
Exploring Reactive Access Control. CHI 2011. (Michelle Mazurek, Peter Klemperer, Richard Shay, Hassan Takabi, Lujo Bauer, and Lorrie Faith Cranor)
Of Passwords and People: Measuring the Effect of Password-Composition Policies. CHI 2011. (Saranga Komanduri, Richard Shay, Patrick Gage Kelley, Michelle Mazurek, Lujo Bauer, Nicholas Christin, Lorrie Faith Cranor, and Serge Egelman)
Encountering Stronger Password Requirements: User Attitudes and Behaviors. SOUPS 2010. (Richard Shay, Saranga Komanduri, Patrick Gage Kelley, Pedro Leon, Michelle Mazurek, Lujo Bauer, Nicholas Christin, and Lorrie Faith Cranor)
Access Control for Home Data Sharing: Attitudes, Needs and Practices. CHI 2010. (Michelle Mazurek, J.P. Arsenault, Joanna Bresee, Nitin Gupta, Iulia Ion, Christina Johns, Daniel Lee, Yuan Liang, Jenny Olsen, Brandon Salmon, Richard Shay, Kami Vaniea, Lujo Bauer, Lorrie Faith Cranor, Gregory R. Ganger, and Michael K. Reiter)
AdChoices? Compliance with Online Behavioral Advertising Notice and Choice Requirements. I/S: A Journal of Law and Policy for the Information Society 2012. (Saranga Komanduri, Richard Shay, Greg Norcie, Blase Ur, and Lorrie Faith Cranor)
A Comprehensive Simulation Tool for the Analysis of Password Policies. International Journal of Information Security 2009. (Richard Shay and Elisa Bertino)
Measuring the Effectiveness of Privacy Tools for Limiting Behavioral Advertising. W2SP 2012. (Rebecca Balebako, Pedro Leon, Richard Shay, Blase Ur, and Lorrie Faith Cranor)
Password Policy Simulation and Analysis. DIM 2007. (Richard Shay, Abhilasha Bhargav-Spantzel, and Elisa Bertio)
CyLab Usable Privacy and Security Laboratory. ACM XRDS Magazine 2013. (Rich Shay)
Helping Users Create Better Passwords . USENIX ;login: Magazine 2012. (Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle L. Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Julio López)
The Art of Password Creation. Oakland 2013. (Blase Ur, Saranga Komanduri, Richard Shay, Stephanos Matsumoto, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Michelle L. Mazurek, Timothy Vidas)
Exploring Reactive Access Control. CHI 2010. (Richard Shay, Michelle Mazurek, Peter Klemperer, and Hassan Takabi)
Jesus and Hierarchy. Brown University Senior Thesis 2003. (Richard Shay)
Hobbies and Interests
I am a professional Magic: the Gathering player. I have been playing since 1997, and have attended several Pro-Tours. I have written several articles on Magic that have been published online.
I enjoy playing board games. I am the former New England champion in Agricola, Power Grid, Dominion, and Notre Dame.
I am interested in ancient Greek and Roman philosophy, especially the works of Plato.
I am a native English speaker. I have been proficient at reading Latin, but am rusty. I have proficiency with Ruby, Rails, Java, C, C++, and LaTeX. I have experience with SQL and Perl.