headshot

Philipp Markert

Ruhr University Bochum · contact@philipp-markert.com

I'm a postdoctoral researcher at the Ruhr University Bochum in Germany. My research covers computer security and human-computer interaction (HCI), focusing on usable security and authentication.

Education

Ph.D. Student

Ruhr University Bochum, Mobile Security Group
Advisor: Prof. Dr. Markus Dürmuth
July 2018 – August 2023

M.Sc. in IT Security / Information Engineering

Ruhr University Bochum
Overall Grade: Very Good (89/100)
October 2015 – January 2018

Exchange Student

Drexel University
March 2016 – June 2016

B.Sc. in IT Security / Information Engineering

Ruhr University Bochum
Overall Grade: Very Good (90/100)
October 2012 – September 2015

Peer-Reviewed Publications

2023

Understanding Users' Interaction with Login Notifications

Philipp Markert, Leona Lassak, Maximilian Golla, Markus Dürmuth
In Submission

“Someone Definitely Used 0000”: Strategies, Performance, and User Perception of Novice Smartphone-Unlock PIN-Guessers

Daniel V. Bailey, Collins W. Munyendo, Hunter A. Dyer, Miles Grant, Philipp Markert, Adam J. Aviv
European Symposium on Usable Security (EuroUSEC '23)
Copenhagen, Denmark · October 16–17, 2023 · Acceptance: 41.7%

A Transcontinental Analysis of Account Remediation Protocols of Popular Websites

Philipp Markert, Andrick Adhikari, Sanchari Das
Symposium on Usable Security and Privacy (USEC '23)
San Diego, California, USA · February 27, 2023

2022

Where You're Logged In: Analyzing the Usability of Device Activity Pages (Work-in-Progress)

Angel N. Fernandes, Philipp Markert, Sanchari Das
Annual Computer Security Applications Conference (ACSAC '22)
Austin, Texas, USA · December 5–9, 2022

“It's Just a Lot of Prerequisites”: A User Perception and Usability Analysis of the German ID Card as a FIDO2 Authenticator

Markus Keil, Philipp Markert, Markus Dürmuth
European Symposium on Usable Security (EuroUSEC '22)
Karlsruhe, Germany · September 29–30, 2022 · Acceptance: 31.2% · Best Paper Award

“The Same PIN, Just Longer”: On the (In)Security of Upgrading PINs from 4 to 6 Digits

Collins W. Munyendo, Philipp Markert, Alexandra Nisenoff, Miles Grant, Elena Korkes, Blase Ur, Adam J. Aviv
USENIX Security Symposium (SSYM '22)
Boston, Massachusetts, USA · August 10–12, 2022 · Acceptance: 18.1%

“As soon as it's a risk, I want to require MFA”: How Administrators Configure Risk-based Authentication

Philipp Markert, Theodor Schnitzler, Maximilian Golla, Markus Dürmuth
Symposium on Usable Privacy and Security (SOUPS '22)
Boston, Massachusetts, USA · August 7–9, 2022 · Acceptance: 27.8%

2021

Towards Quantum Large-Scale Password Guessing on Real-World Distributions

Markus Dürmuth, Maximilian Golla, Philipp Markert, Alexander May, Lars Schlieper
International Conference on Cryptology and Network Security (CANS '21)
Virtual Conference · December 13–15, 2021 · Acceptance: 32.9%

On the Security of Smartphone Unlock PINs

Philipp Markert, Daniel V. Bailey, Maximilian Golla, Markus Dürmuth, Adam J. Aviv
ACM Transactions on Privacy and Security (TOPS '21)
Volume 24, Issue 4 · November, 2021 · Impact Factor (2020): 1.909

“I have no idea what they’re trying to accomplish” Enthusiast and Casual Signal Users' Understanding of Signal PINs

Daniel V. Bailey, Philipp Markert, Adam J. Aviv
Symposium on Usable Privacy and Security (SOUPS '21)
Virtual Conference · August 8–10, 2021 · Acceptance: 26.5%

Using a Blocklist to Improve the Security of User Selection of Android Patterns

Collins W. Munyendo, Miles Grant, Philipp Markert, Timothy J. Forman, Adam J. Aviv
Symposium on Usable Privacy and Security (SOUPS '21)
Virtual Conference · August 8–10, 2021 · Acceptance: 26.5%

My Account Is Compromised – What Do I Do? Towards an Intercultural Analysis of Account Remediation for Websites

Kathryn Walsh, Faiza Tazi, Philipp Markert, Sanchari Das
Workshop on Inclusive Privacy and Security (WIPS ’21)
Virtual Conference · August 7–8, 2021

2020

Knock, Knock. Who's There? On the Security of LG's Knock Codes

Raina Samuel, Philipp Markert, Adam J. Aviv, Iulian Neamtiu
Symposium on Usable Privacy and Security (SOUPS '20)
Virtual Conference · August 7–11, 2020 · Acceptance: 19.8%

“You still use the password after all” – Exploring FIDO2 Security Keys in a Small Company

Florian M. Farke, Lennart Lorenz, Theodor Schnitzler, Philipp Markert, Markus Dürmuth
Symposium on Usable Privacy and Security (SOUPS '20)
Virtual Conference · August 7–11, 2020 · Acceptance: 19.8%

This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs

Philipp Markert, Daniel V. Bailey, Maximilian Golla, Markus Dürmuth, Adam J. Aviv
IEEE Symposium on Security and Privacy (SP '20)
Virtual Conference · May 18–20, 2020 · Acceptance: 11.7%

2019

View The Email to Get Hacked: Attacking SMS-Based Two-Factor Authentication

Philipp Markert, Florian M. Farke, Markus Dürmuth
Who Are You?! Adventures in Authentication (WAY '19)
Santa Clara, California, USA · August 11, 2019

Work in Progress: A Comparative Long-Term Study of Fallback Authentication

Philipp Markert, Maximilian Golla, Elizabeth Stobert, Markus Dürmuth
Workshop on Usable Security and Privacy (USEC '19)
San Diego, California, USA · February 24, 2019

Academic Service

Reviewing

  • Program Committee: Usable Security and Privacy Symposium (USEC '23)
  • Program Committee: Workshop on Inclusive Privacy and Security (WIPS '22)
  • Program Committee: Who Are You?! Adventures in Authentication Workshop (WAY '20, WAY '21)
  • Reviewer: ACM Conference On Computer-Supported Cooperative Work And Social Computing (CSCW '23)
  • Reviewer: ACM Conference on Human Factors in Computing Systems (CHI '21, CHI '22, CHI '23)
  • Reviewer: Journal of Cybersecurity (CyberSec '21)
  • Reviewer: ACM International Conference on Mobile Human-Computer Interaction (MobileHCI '21)
  • Reviewer: IEEE Transactions on Dependable and Secure Computing (TDSC '21)
  • Reviewer: ACM Transactions on Privacy and Security (TOPS '20)
  • External Reviewer: International Conference on Cryptology and Network Security (CANS '21)
  • External Reviewer: Symposium on Usable Privacy and Security (SOUPS '20, SOUPS '21)

Organizing

  • Session Chair Student Volunteer: Symposium on Usable Privacy and Security (SOUPS '20, SOUPS '21)

Teaching

Lectures & Seminars

  • Ruhr University Bochum, Seminar Usable Security and Privacy Research, Winter 2021/22 (Instructor; 11 Students)
  • Ruhr University Bochum, User Authentication, Winter 2021/22 (Co-instructor; 19 Students)
  • Ruhr University Bochum, Seminar Usable Security and Privacy Research, Summer 2021 (Instructor; 9 Students)
  • Ruhr University Bochum, Seminar Usable Security and Privacy Research, Winter 2020/21 (Instructor; 7 Students)
  • Ruhr University Bochum, User Authentication, Winter 2020/21 (Co-instructor; 22 Students)
  • Ruhr University Bochum, Seminar Usable Security and Privacy Research, Summer 2020 (Instructor; 6 Students)
  • Ruhr University Bochum, Seminar Human Centered Security and Privacy, Winter 2019/20 (Instructor; 11 Students)
  • Ruhr University Bochum, User Authentication, Winter 2019/20 (Co-instructor; 24 Students)
  • Ruhr University Bochum, Seminar Human Centered Security and Privacy, Summer 2019 (Instructor; 8 Students)
  • Ruhr University Bochum, User Authentication, Winter 2018/19 (Co-instructor; 28 Students)

Supervised Theses

During my time at Ruhr University Bochum, I have been privileged to supervise two master's and six bachelor's students on their final theses. Some of these projects have led to publications (e.g., the SOUPS '22 and EuroUSEC '22 papers).

Miscellaneous

Selected Media Coverage

For “‘You still use the password after all’ – Exploring FIDO2 Security Keys in a Small Company”

For “Knock, Knock. Who’s There? On the Security of LG's Knock Codes”

For “This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs”

Invited Talks & Guest Lectures