Secure Comics

Secure Comics is a comic series that I created to improve users’ understanding of computer security and privacy. Intended for a non-technical audience, the comic raises computer security awareness in a visual, easy to digest comic format.


The Comic

Secure Comics is an online comic series about cybersecurity and privacy. Brush up your knowledge about passwords, malware, and online privacy while you follow Agent Jack and Nina as they solve computer security crimes to protect users against the super hacker, "Hack."


Three chapters about passwords, malware, and online privacy

Develop essential knowledge about online threats

Ten interactive features that help you enhance your understanding

Suitable for all ages

Secure Comics Screenshot


Secure Comics is a part of a research initiative to improve people’s understanding of computer security through visualizations. This work is the first step towards discovering novel methods of visualization that communicate technical security information to a non-expert audience.


End-users interact with computer security technologies daily (e.g., password mechanisms, antivirus software, privacy controls), but they typically have misconceptions about how they work, and a poor understanding of online risks.


To help to correct poor security behaviour, I created Secure Comics and showed that interactive visual narratives like comics are an effective format for improving comprehension and engagement with security information. The work improved end-users’ computer security awareness about three important computer security concepts: passwords, malware, and online privacy.


Educational comics can demonstrate complex topics illustratively through the use of narrative and characters. The format delivers information through a juxtaposition of text and images and breaks down complex concepts visually to aid comprehension.


I created Secure Comic using Adobe Creative Suite graphics software. First, pencil sketches were scanned and imported into Adobe Illustrator, where I created the drawings using a Wacom Intuos Graphics Pen and Touch tablet.  Next, the graphical assets were imported into a development application for implementation.

Characters + narrative

The main characters, Jack and Nina, are cyber-detectives who solve computer security crimes to protect the public from the cyber-villain “Hack.” Jack and Nina act as mentors to teach users about various risks and protection strategies.


Secure Comics teaches users important computer security concepts, how they work, and provides tips and advice on how users could protect themselves from online risks. For example, the Password Comic teaches users the concept “passwords are like locks” (left), and how to create a strong and memorable password using a passphrase (right).

Password Comic Screenshot
Password Comic Screenshot


Secure Comics was evaluated with adults and children that included usability evaluations and security and privacy knowledge and behaviour assessments with pre/post-tests and one week later.


Several user studies showed superior improvements in users’ security and privacy knowledge, retention, and behaviour after one week..


A visual approach to computer security education creates greater engagement, comprehension, and improvements in user behaviour than existing text-alone educational approaches.


If you are interested to learn more about the research behind Secure Comics, you can read our papers.

Leah Zhang-Kennedy, Khadija Baig, and Sonia Chiasson. (2017) Engaging Children About Online Privacy Through Storytelling in an Interactive Comic. In British HCI.

L. Zhang-Kennedy, S. Chiasson, and R. Biddle. (2015) The Role of Instructional Design in Persuasion: A Comics Approach for Improving Cyber Security. International Journal of Human-Computer Interaction (IJHCI) on Persuasive Interactive Systems, Taylor & Francis.

L. Zhang-Kennedy, S. Chiasson, and R. Biddle. (2014) Stop clicking on "update later": Persuading users they need up-to-date antivirus protection. In Persuasive Technology, Springer.

This project was funded by the Office of the Privacy Commissioner of Canada (OPC) from June 2013 to April 2014; the views expressed herein are those of the author(s) and do not necessarily reflect those of the OPC. Partial funding was also provided by the NSERC ISSNet Strategic Network (2012-2013) and the GRAND Networks of Centers of Excellence (2013).