Josh Tan

Research scientist in security and privacy. Software engineer and data analyst.
Computer Science (Institute for Software Research)
Carnegie Mellon University
Advised by: Lorrie Faith Cranor, Lujo Bauer

jstan at [CV | Google Scholar | GitHub | LinkedIn]


Practical recommendations for stronger, more usable passwords combining minimum-strength, minimum-length, and blocklist requirements.
J. Tan, L. Bauer, N. Christin, and L. F. Cranor. CCS 2020.

Practical security guidance for authentication-system designers.
J. Tan. Carnegie Mellon University PhD Thesis. September 2020.

Comparing hypothetical and realistic privacy valuations.
J. Tan, M. Sharif, S. Bhagavatula, M. Beckerle, M. L. Mazurek, and L. Bauer. WPES 2018.

Self-driving cars and data collection: Privacy perceptions of networked autonomous vehicles.
C. Bloom, J. Tan, J. Ramjon, and L. Bauer. SOUPS 2017.

Can unicorns help users compare crypto key fingerprints? [supplementary material]
J. Tan, L. Bauer, J. Bonneau, L. F. Cranor, J. Thomas, and B. Ur. CHI 2017.

(Do not) Track me sometimes: Users' contextual preferences for web tracking.
W. Melicher, M. Sharif, J. Tan, L. Bauer, M. Christodorescu, and P. Leon. PETS 2016.

The effect of developer-specified explanations for permission requests on smartphone user behavior.
J. Tan, K. Nguyen, M. Theodorides, H. Negrón-Arroyo, C. Thompson, S. Egelman, and D. Wagner. CHI 2014.


A framework for comparative usability studies on secure device pairing.
A. Channarasappa, P. Ramakrishnan, J. Tan, and J. Thomas. SOUPS 2015.