subject
Intro

Coursera: Usable Security

 with  Jennifer Golbeck
Sponsored
Intro to Data Analysis
Facebook via Udacity
Sponsored
Intro to Data Analysis
Facebook via Udacity
This course focuses on how to design and build secure systems with a human-centric focus. We will look at basic principles of human-computer interaction, and apply these insights to the design of secure systems with the goal of developing security measures that respect human performance and their goals within a system.

Syllabus

Week 1
Fundamentals of Human-Computer Interaction: users, usability, tasks, and cognitive models

Week 2
Design: design methodology, prototyping, cybersecurity case study

Week 3
Evaluation: usability studies, A/B testing, quantitative and qualitative evaluation, cybersecurity case study

Week 4
Strategies for Secure Interaction Design: authority, guidelines for interface design

Week 5
Usable Authentication: authentication mechanisms, biometrics, two-factor authentication

Week 6
Usable Privacy: privacy settings, personal data sharing, data inference

Final Exam


9 Student
reviews
Cost Free Online Course (Audit)
Pace Upcoming
Provider Coursera
Language English
Certificates Paid Certificate Available
Hours 3-5 hours a week
Calendar 7 weeks long
Sign up for free? Learn how
+ Add to My Courses
Learn Data Analysis udacity.com

Learn to become a Data Analyst. Job offer guaranteed or get a full refund.

Advertisement
Become a Data Scientist datacamp.com

Learn Python & R at your own pace. Start now for free!

Advertisement
FAQ View All
What are MOOCs?
MOOCs stand for Massive Open Online Courses. These are free online courses from universities around the world (eg. Stanford Harvard MIT) offered to anyone with an internet connection.
How do I register?
To register for a course, click on "Go to Class" button on the course page. This will take you to the providers website where you can register for the course.
How do these MOOCs or free online courses work?
MOOCs are designed for an online audience, teaching primarily through short (5-20 min.) pre recorded video lectures, that you watch on weekly schedule when convenient for you.  They also have student discussion forums, homework/assignments, and online quizzes or exams.

9 reviews for Coursera's Usable Security

Write a review
3 out of 3 people found the following review useful
a year ago
Aslam Karachiwala completed this course, spending 4 hours a week on it and found the course difficulty to be very easy.
The following is the review I posted on Coursera. === This was an extremely elementary and thus disappointing course. While the importance of "Usability" was rightly emphasized, the representation in terms of examples, case studies, etc. was simplistic. I appreciated having my attention drawn to the pitfalls of HCI d Read More
The following is the review I posted on Coursera.

===

This was an extremely elementary and thus disappointing course. While the importance of "Usability" was rightly emphasized, the representation in terms of examples, case studies, etc. was simplistic. I appreciated having my attention drawn to the pitfalls of HCI design and the consequent failure of the corresponding systems. However, the solutions were presented as if: 1.) there are always "correct" interface/usability choices; 2.) the "correct" choice is all that's needed for the system to be optimally functional; and 3.) there is never a tension between usability and effective functioning of a system (that can't be resolved with correcting the usability).

It is irresponsible to suggest, for example, that a user selected memorable password is generally adequately secure without also covering ways that an interface can guide/nudge the user to create a secure password. Wide recognition of the importance of this may be more recent than the studies covered in the course. There is nothing wrong with studying old, seminal research, even in this age of "Internet time," but I wish I wasn't left wondering what, if any, developments had occurred in the decade or so since that research took place.

As for tension between usability and security, it absolutely exists. For instance, PGP encryption is a reliable way to secure information, yet making it usable remains a challenge. This is not even mentioned in the entire course. In fact, this course would leave an otherwise uninformed student believing that there are usability solutions waiting to be applied to every cause of info insecurity if the techies would just look. I wish the course had at least acknowledged that there are cases where a slight compromise on usability might be necessary for the sake of appropriate security.

Lastly, for those designing an HCI for security, it is important to understand threat models. This concept is also missing from the course.

===

I reviewed this course (above) immediately after I finished it. I am now in the 3rd week of Software Security, the 2nd course in the Cybersecurity specialization, and am realizing that 2 stars was a generous assessment. Based on the prerequisites of the Software Security course, the Usable Security course, in its current form, is too elementary to be appropriate for people who have the experience/knowledge required for the rest of the courses in this specialization. As I explained above, the course relies heavily on decade-old research but does not cover any developments since. For instance, the usability issues covered in the studies are for ancient versions of browsers with no discussion of how the browsers and our infosec vulnerabilities have changed since those studies were published. Another example is the instructor's eschewing of password managers while many knowledgeable folks in the infosec community today recommend their use. The usability challenges of password managers and a discussion of how they might be mitigated would have been more appropriate.

Was this review helpful to you? YES | NO
4 out of 5 people found the following review useful
2 years ago
Thomas D completed this course, spending 2 hours a week on it and found the course difficulty to be very easy.
I took this course at the same time as "Software Security". I really enjoyed Software Security, but Usable Security was horrible. The instructor is a really bad teacher, and she doesn't seem to know anything about computer science, she is just a psychologist. The videos a poorly made (most of the course are not even pr Read More
I took this course at the same time as "Software Security". I really enjoyed Software Security, but Usable Security was horrible. The instructor is a really bad teacher, and she doesn't seem to know anything about computer science, she is just a psychologist. The videos a poorly made (most of the course are not even prepared and they are just 3 people openly discussing about something). The slides are useless (just some photos and 2-3 words per slide, and there are a lot of courses which don't even have any slides). The quizzes are useless, you could answer them without even looking at the course. The questions of the final exam do not have a clear answer (for instance: they think that a password with 8 random characters is hard to crack, but it would take only a few days with a brute force attack, and also they think that a user chosen 8 character password is more secure than a random one, which is wrong in my opinion). A lot of questions could be either true or false depending on the context and there is no formality in this course. I would not recommend it at all, but I took it as part of the cybersecurity specialization. Thankfully, the Software Security course was really amazing.
Was this review helpful to you? YES | NO
2 out of 2 people found the following review useful
2 years ago
profile picture
Anonymous completed this course.
This course looks into Security from a different perspective, one that many times developers or the people enforcing security polices on companies fail to see many times. It is not a technical course but will help you think more about the human factor that can break the same security policies you are trying to enforce Read More
This course looks into Security from a different perspective, one that many times developers or the people enforcing security polices on companies fail to see many times. It is not a technical course but will help you think more about the human factor that can break the same security policies you are trying to enforce and perceive things from the user perspective. Many people with security background would probably be able to answer the quizzes without taking the course or studying much, but overall I think it is good to have and encourage conversations like this openly. It is true that many types there is a disconnect between the users and the developers, and it is important to be aware of this and do what we can to close the gap.
Was this review helpful to you? YES | NO
4 out of 4 people found the following review useful
3 years ago
Butch Landingin is taking this course right now, spending 3 hours a week on it and found the course difficulty to be easy.
While some students complained if this was really a security related course because it dealt primarily with the "human factors", I think it offered me a fresh perspective on security as not just about threats and malicious behavior, but also how legitimate users themselves compromise security (e.g. phishing) if the sof Read More
While some students complained if this was really a security related course because it dealt primarily with the "human factors", I think it offered me a fresh perspective on security as not just about threats and malicious behavior, but also how legitimate users themselves compromise security (e.g. phishing) if the software developers do not consider the security requirements early in their design. Its fairly easy and highly relevant even for non-programmers such as UI designers and testers.
Was this review helpful to you? YES | NO
a year ago
profile picture
Patrick E. completed this course, spending 4 hours a week on it and found the course difficulty to be easy.
This course is interesting for people who are interested in human-computer interaction and usability aspects of security. However I was a bit disappointed with the level of depth of the course. Also there were a few errors in the course materials and there was no answer from course staff after asking about it in the forums.
Was this review helpful to you? YES | NO
7 months ago
Alexander Gusev completed this course.
I understand that taking it as a part of Cybersec Specialization can seem like a wrong idea if you are into technology, but you actually need to understand user psychology to effectively defend the user.
Was this review helpful to you? YES | NO
0 out of 1 people found the following review useful
2 years ago
Niklas Laxström completed this course.
Was this review helpful to you? YES | NO
0 out of 1 people found the following review useful
2 years ago
Laura R completed this course, spending 2 hours a week on it and found the course difficulty to be easy.
Was this review helpful to you? YES | NO
2 years ago
Oleksandr Kravchuk completed this course.
Was this review helpful to you? YES | NO