Was This You? Investigating the Design Considerations for Suspicious Login Notifications
Sena Sahin
Network and Distributed System Security (NDSS) Symposium 2025 · Day 1 · Privacy & Usability 1
In an increasingly interconnected digital landscape, **account security** remains a paramount concern for users and service providers alike. A critical first line of defense against unauthorized access is the **suspicious login notification (SLN)**, an automated alert triggered when a user's account is accessed from an unusual location, device, or time. Despite their ubiquity, these notifications vary significantly in their design, tone, and the level of detail they provide, often leading to user confusion and potentially ineffective responses. This talk by Sena Sahin, presented at the NDSS Symposium, delves into the intricate world of SLNs, aiming to understand how users interact with them, identify their legitimacy, and decide on appropriate actions.
AI review
Competent usable-security research with a clear methodology — collect real SLNs from the wild, run semi-structured interviews, derive design guidelines. The findings are internally consistent and the defensive implications are actionable. Nothing here will make a security engineer gasp, but it's honest, grounded empirical work in a lane that rarely gets rigorous attention.