Maximilian Golla

Postdoc at the Max Planck Institute for Security and Privacy in Bochum, Germany

Hi there!

 

I'm a postdoctoral researcher interested in usable security and privacy. While I studied computer science, I later specialized in information security and developed an interest for usability and human factors in computer security.

During my PhD, I focused on exploring the usability and security of password-based user authentication. At the time, I was a scholar of the DFG (German Research Foundation) research training group UbiCrypt. I worked extensively with Blase Ur from SUPERgroup Logo SUPERgroup at the University of Chicago and Adam J. Aviv from GWUSEC Logo GWUSEC Lab at the George Washington University. I received my PhD in 2019 from RUB Logo Ruhr University Bochum, where I was advised by Prof. Dr. Markus Dürmuth.

Since October 2019, I'm a postdoc at the MPI-SP Logo Max Planck Institute for Security and Privacy in Bochum, Germany. The research of our group at MPI-SP focuses on computer security, privacy, and human-computer interaction (HCI). We are especially working on methods to help users make better security and privacy decisions, as well as, to make complex computer systems more usable for non-technical users.

Me

Interests


User Authentication
Privacy Controls

  • User Authentication
    • Passwords (Strength, Recovery, Management, Quantum ...)
    • Mobile Authentication (PINs, Patterns, Biometrics)
    • Notifications (Reuse, WebAuthn, 2FA)
    • Passwordless (FIDO2 & biometric WebAuthn)
    • Access Control (Smart Home & IoT)
    • Alternative Schemes (Implicit Memory, Gamification)
  • Privacy Controls
    • Social Networks (Targeting & Transparency Tools)
    • Voice Assistants (Private Mode & Accidental Triggers)
    • Secure Communication (Messenger & Email Encryption)

Education


  • Doctorate (Dr.-Ing.) Summa cum laude (With highest honors)
  • Master of Science (M.Sc., Engineer) Very good
    • IT Security - Network & Systems
    • «Graphical Fallback Authentication»
    • Ruhr University Bochum
  • Bachelor of Engineering (B.Eng., Engineer) Good
    • Computer Science - Communication in Distributed Systems
    • «Security Audit of a Web Interface for Building Automation»
    • University of Applied Sciences Würzburg-Schweinfurt

Contact



Peer-Reviewed Publications

Below you can find a list of selected papers and posters.
Last update: October 2021
Citation Profiles:
Google Scholar DBLP ORCID iD IEEE Xplore ACM DL ResearchGate

Community Service, Committees, and Reviewing Activities

Last update: June 2021
  • Reviewer: ACM Transactions on Privacy and Security (TOPS '21)
  • Reviewer: IEEE Transactions on Information Forensics and Security (TIFS '21)
  • Program Committee and Poster Chair: 17th Symposium on Usable Privacy and Security (SOUPS '21)
  • External Reviewer: 42nd IEEE Symposium on Security and Privacy (SP '21)
  • Reviewer: 16th International Conference on Wirtschaftsinformatik (WI '21)
  • Reviewer: IEEE Transactions on Emerging Topics in Computing (TETC '20)
  • Program Chair: 6th Who Are You?! Adventures in Authentication Workshop (WAY '20)
  • Program Committee and Poster Chair: 16th Symposium on Usable Privacy and Security (SOUPS '20)
  • Publicity Chair: 5th European Workshop on Usable Security (EuroUSEC '20)
  • Reviewer: ACM Transactions on Privacy and Security (TOPS '20)
  • External Reviewer: 29th USENIX Security Symposium (SSYM '20)
  • Poster Jury: 15th Symposium on Usable Privacy and Security (SOUPS '19)
  • Program Chair: 5th Who Are You?! Adventures in Authentication Workshop (WAY '19)
  • Program Committee and Publicity Chair: 4th European Workshop on Usable Security (EuroUSEC '19)
  • Program Committee: 4th Who Are You?! Adventures in Authentication Workshop (WAY '18)
  • Reviewer: 39th International Conference on Information Systems (ICIS '18)
  • Program Committee: 2018 Networked Privacy Workshop at ACM CHI (NPW '18)
  • External Reviewer: 3rd Who Are You?! Adventures in Authentication Workshop (WAY '17)
  • External Reviewer: 26th USENIX Security Symposium (SSYM '17)
  • Reviewer: ACM Transactions on Privacy and Security (TOPS '17)
  • Reviewer: 11th International Conference on Passwords (PASSWORDS '16)

Talks

Below you can find some recordings of talks I gave at various conferences and other videos.

Last update: September 2021

In the News

Below you can find a list of selected news articles.

Last update: June 2021

Projects & Software

Below you can find a list of cool projects I created or have been involved with.

Last update: September 2021




May 2017
Authentication in Virtual Reality: Predictive Keyboard for Entering Passwords Authentication in Virtual Reality:
Predictive Keyboard for Entering Passwords


October 2015
Gathering User Information: PII-Based Password Guessing Gathering User Information:
PII-Based Password Guessing
July 2015
Learning Authentication Secrets: Knock Patterns Learning Authentication Secrets:
Knock Patterns
December 2014
Attacking Audio CAPTCHAs: Breaking Apple's iCloud Audio CAPTCHA Attacking Audio CAPTCHAs:
Breaking Apple's iCloud Audio CAPTCHA

July 2014
Graphical Fallback Authentication: Google Street View-Based Authentication Graphical Fallback Authentication:
Google Street View-Based Authentication