Send email Copy Email Address
Faculty

Sascha Fahl

Research Group
Empirical & Behavioral Security

Email

Address

Lange Laube 6
30159 Hannover (Germany)

Further Information

Short Bio

Prof. Dr. Sascha Fahl has been Pro­fes­sor for com­pu­ter sci­ence and head of the chair for usa­ble se­cu­ri­ty and pri­va­cy since April 2018. Pre­vious­ly, he was head of the in­for­ma­ti­on se­cu­ri­ty in­sti­tu­te at Leib­niz Uni­ver­si­ty in Han­no­ver (2017 - 2018). From 2016 to 2017 he was in­de­pen­dent re­se­arch group lea­der of the usa­ble se­cu­ri­ty and pri­va­cy group at CISPA. He re­cei­ved a PhD in com­pu­ter sci­ence from Leib­niz Uni­ver­si­ty Han­no­ver in 2016. In 2015 he was soft­ware en­gi­neer (SWE) in­tern in the Chro­me Se­cu­ri­ty team at Goog­le in Moun­tain View.

CV: Last stations

Since 2021
Tenure-track Faculty at CISPA Helmholtz Center for Information Security
Since 2019
Professor at Leibniz University Hannover
2018 – 2019
Associate Professor at Ruhr University Bochum
2017 – 2018
Deputy Professor at Leibniz University Hannover, Germany

Publications by Sascha Fahl

Year 2025

2025-05-12

Transparency in Usable Privacy and Security Research: Scholars’ Perspectives, Practices, and Recommendations

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2025-05-12

“I’m pretty expert and I still screw it up”: Qualitative Insights into Experiences and Challenges of Designing and Implementing Cryptographic Library APIs

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
Visit Detail Page
2025-05-12

“It’s time. Time for digital security.”: An End User Study on Actionable Security and Privacy Advice

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
  • Anna Lena Rotthaler
  • Harshini Sri Ramulu
  • Lucy Simko
  • Sascha Fahl
  • Yasemin Acar
Visit Detail Page
2025-04-26

A Qualitative Study of Adoption Barriers and Challenges for Passwordless Authentication in German Public Administrations

Conference / Medium

International Conference on Human Factors in Computing Systems (CHI)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2025-02-24

Attributing Open-Source Contributions is Critical but Difficult: A Systematic Analysis of GitHub Practices and Their Impact on Software Supply Chain Security.

Conference / Medium

Network and Distributed System Security Symposium (NDSS)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page

Year 2024

2024-10-16

“It’s Not My Data Anymore”: Exploring Non-Users’ Privacy Perceptions of Medical Data Donation Apps

Conference / Medium

Privacy Enhancing Technologies Symposium (PETS)

Tags
Empirical & Behavioral Security
Authors
  • Sarah Abdelwahab Gaballah
  • Lamya Abdullah
  • Ephraim Zimmer
  • Sascha Fahl
  • Max Mühlhäuser
  • Karola Marky
Full Paper Visit Detail Page
2024-10-14

Skipping the Security Side Quests: A Qualitative Study on Security Practices and Challenges in Game Development

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-10-02

Using AI Assistants in Software Development: A Qualitative Study on Security Practices and Concerns

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)

Tags
Empirical & Behavioral Security
Authors
  • Jan Klemmer
  • Stefan Albert Horstmann
  • Nikhil Patnaik
  • Cordelia Ludden
  • Cordell Burton Jr
  • Carson Powers
  • Fabio Massacci
  • Akond Rahman
  • Daniel Votipka
  • Heather Richter Lipford
  • Awais Rashid
  • Alena Naiakshina
  • Sascha Fahl
Full Paper Visit Detail Page
2024-08-14

The Challenges of Bringing Cryptography from Research Papers to Products: Results from an Interview Study with Experts.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
  • Konstantin Fischer
  • Ivana Trummová
  • Phillip Gajland
  • Yasemin Acar
  • Sascha Fahl
  • M Angela Sasse
Full Paper Visit Detail Page
2024-08-14

"You have to read 50 different RFCs that contradict each other": An Interview Study on the Experiences of Implementing Cryptographic Standards.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page