Send email Copy Email Address

Email

Address

Lange Laube 6
30159 Hannover (Germany)

Further Information

Short Bio

Prof. Dr. Sascha Fahl has been Pro­fes­sor for com­pu­ter sci­ence and head of the chair for usa­ble se­cu­ri­ty and pri­va­cy since April 2018. Pre­vious­ly, he was head of the in­for­ma­ti­on se­cu­ri­ty in­sti­tu­te at Leib­niz Uni­ver­si­ty in Han­no­ver (2017 - 2018). From 2016 to 2017 he was in­de­pen­dent re­se­arch group lea­der of the usa­ble se­cu­ri­ty and pri­va­cy group at CISPA. He re­cei­ved a PhD in com­pu­ter sci­ence from Leib­niz Uni­ver­si­ty Han­no­ver in 2016. In 2015 he was soft­ware en­gi­neer (SWE) in­tern in the Chro­me Se­cu­ri­ty team at Goog­le in Moun­tain View.

CV: Last stations

Since 2021
Tenured Faculty at CISPA Helmholtz Center for Information Security
Since 2019
Professor at Leibniz University Hannover
2018 – 2019
Associate Professor at Ruhr University Bochum
2017 – 2018
Deputy Professor at Leibniz University Hannover, Germany

Publications by Sascha Fahl

Year 2025

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)
“It’s time. Time for digital security.”: An End User Study on Actionable Security and Privacy Advice

Conference / Medium

International Conference on Human Factors in Computing Systems (CHI)
A Qualitative Study of Adoption Barriers and Challenges for Passwordless Authentication in German Public Administrations

Conference / Medium

Network and Distributed System Security Symposium (NDSS)
Attributing Open-Source Contributions is Critical but Difficult: A Systematic Analysis of GitHub Practices and Their Impact on Software Supply Chain Security.

Conference / Medium

Usenix Security Symposium (USENIX-Security)
"Threat modeling is very formal, it's very technical, and also very hard to do correctly": Investigating Threat Modeling Practices in Open-Source Software Projects.

Year 2024

Conference / Medium

Privacy Enhancing Technologies Symposium (PETS)
“It’s Not My Data Anymore”: Exploring Non-Users’ Privacy Perceptions of Medical Data Donation Apps

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)
Skipping the Security Side Quests: A Qualitative Study on Security Practices and Challenges in Game Development

Conference / Medium

ACM Conference on Computer and Communications Security (CCS)
Using AI Assistants in Software Development: A Qualitative Study on Security Practices and Concerns

Conference / Medium

Usenix Security Symposium (USENIX-Security)
"You have to read 50 different RFCs that contradict each other": An Interview Study on the Experiences of Implementing Cryptographic Standards.

Conference / Medium

Usenix Security Symposium (USENIX-Security)
The Challenges of Bringing Cryptography from Research Papers to Products: Results from an Interview Study with Experts.

Article

IEEE Access “You received $100,000 from Johnny”: A Mixed-Methods Study on Push Notification Security and Privacy in Android Apps