Send email Copy Email Address
Faculty

Sascha Fahl

Research Group
Empirical & Behavioral Security

Email

Address

Lange Laube 6
30159 Hannover (Germany)

Further Information

Short Bio

Prof. Dr. Sascha Fahl has been Pro­fes­sor for com­pu­ter sci­ence and head of the chair for usa­ble se­cu­ri­ty and pri­va­cy since April 2018. Pre­vious­ly, he was head of the in­for­ma­ti­on se­cu­ri­ty in­sti­tu­te at Leib­niz Uni­ver­si­ty in Han­no­ver (2017 - 2018). From 2016 to 2017 he was in­de­pen­dent re­se­arch group lea­der of the usa­ble se­cu­ri­ty and pri­va­cy group at CISPA. He re­cei­ved a PhD in com­pu­ter sci­ence from Leib­niz Uni­ver­si­ty Han­no­ver in 2016. In 2015 he was soft­ware en­gi­neer (SWE) in­tern in the Chro­me Se­cu­ri­ty team at Goog­le in Moun­tain View.

CV: Last stations

Since 2021
Tenure-track Faculty at CISPA Helmholtz Center for Information Security
Since 2019
Professor at Leibniz University Hannover
2018 – 2019
Associate Professor at Ruhr University Bochum
2017 – 2018
Deputy Professor at Leibniz University Hannover, Germany

Publications by Sascha Fahl

Year 2024

2024-05-20

Everyone for Themselves? A Qualitative Study about Individual Security Setups of Open Source Software Contributors

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags
Empirical & Behavioral Security
Authors
  • Sabrina Amft
  • Sandra Höltervennhoff
  • Rebecca Panskus
  • Karola Marky
  • Sascha Fahl
Full Paper Visit Detail Page
2024-05-11

Mental Models, Expectations and Implications of Client-Side Scanning: An Interview Study with Experts.

Conference / Medium

International Conference on Human Factors in Computing Systems (CHI)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2024-05-11

Analyzing Security and Privacy Advice During the 2022 Russian Invasion of Ukraine on Twitter

Conference / Medium

International Conference on Human Factors in Computing Systems (CHI)

Tags
Empirical & Behavioral Security
Authors
  • Juliane Schmüser
  • Harshini Sri Ramulu
  • Noah Wöhler
  • Christian Stransky
  • Felix Bensmann
  • Dimitar Dimitrov
  • Sebastian Schellhammer
  • Dominik Wermke
  • Stefan Dietze
  • Yasemin Acar
  • Sascha Fahl
Full Paper Visit Detail Page
2024

A Mixed-Methods Study on User Experiences and Challenges of Recovery Codes for an End-to-End Encrypted Service.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page

Year 2023

2023-11-26

“We’ve Disabled MFA for You”: An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-11-15

"Make Them Change it Every Week!": A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-10-20

Securing Your Crypto-API Usage Through Tool Support - A Usability Study

Conference / Medium

IEEE Cybersecurity Development (SecDev)

Tags
Empirical & Behavioral Security
Authors
  • Stefan Krüger
  • Michael Reif
  • Anna-Katharina Wickert
  • Sarah Nadi
  • Karim Ali
  • Eric Bodden
  • Yasemin Acar
  • Mira Mezini
  • Sascha Fahl
Full Paper Visit Detail Page
2023-09-09

"Would You Give the Same Priority to the Bank and a Game? I Do Not!" Exploring Credential Management Strategies and Obstacles during Password Manager Setup.

Conference / Medium

Symposium on Usable Privacy and Security (SOUPS)

Tags
Empirical & Behavioral Security
Authors
  • Sabrina Amft
  • Sandra Höltervennhoff
  • Nicolas Huaman
  • Yasemin Acar
  • Sascha Fahl
Full Paper Visit Detail Page
2023-08-09

"Security is not my field, I'm a stats guy": A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page
2023-08-09

"I wouldn't want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags
Empirical & Behavioral Security
Authors
Full Paper Visit Detail Page