Sascha Fahl
Orcid: 0000-0002-5644-3316Affiliations:
- Leibniz University Hannover, Germany
- CISPA Helmholtz Center for Information Security, Saarbrücken, Germany
According to our database1,
Sascha Fahl
authored at least 85 papers
between 2011 and 2025.
Collaborative distances:
Collaborative distances:
Timeline
Legend:
Book In proceedings Article PhD thesis Dataset OtherLinks
Online presence:
-
on orcid.org
On csauthors.net:
Bibliography
2025
"It's Not My Data Anymore": Exploring Non-Users' Privacy Perceptions of Medical Data Donation Apps.
Proc. Priv. Enhancing Technol., 2025
2024
Unraveling Challenges with Supply-Chain Levels for Software Artifacts (SLSA) for Securing the Software Supply Chain.
CoRR, 2024
How the Future Works at SOUPS: Analyzing Future Work Statements and Their Impact on Usable Security and Privacy Research.
CoRR, 2024
"You Received $100,000 From Johnny": A Mixed-Methods Study on Push Notification Security and Privacy in Android Apps.
IEEE Access, 2024
"You have to read 50 different RFCs that contradict each other": An Interview Study on the Experiences of Implementing Cryptographic Standards.
Proceedings of the 33rd USENIX Security Symposium, 2024
A Mixed-Methods Study on User Experiences and Challenges of Recovery Codes for an End-to-End Encrypted Service.
Proceedings of the 33rd USENIX Security Symposium, 2024
The Challenges of Bringing Cryptography from Research Papers to Products: Results from an Interview Study with Experts.
Proceedings of the 33rd USENIX Security Symposium, 2024
Everyone for Themselves? A Qualitative Study about Individual Security Setups of Open Source Software Contributors.
Proceedings of the IEEE Symposium on Security and Privacy, 2024
Committed to Trust: A Qualitative Study on Security and Trust in Open Source Software Projects.
Proceedings of the Software Engineering 2024, Fachtagung des GI-Fachbereichs Softwaretechnik, Linz, Austria, February 26, 2024
Always Contribute Back: A Qualitative Study on Security Challenges of the Open Source Supply Chain.
Proceedings of the Software Engineering 2024, Fachtagung des GI-Fachbereichs Softwaretechnik, Linz, Austria, February 26, 2024
Analyzing Security and Privacy Advice During the 2022 Russian Invasion of Ukraine on Twitter.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2024
Mental Models, Expectations and Implications of Client-Side Scanning: An Interview Study with Experts.
Proceedings of the CHI Conference on Human Factors in Computing Systems, 2024
Skipping the Security Side Quests: A Qualitative Study on Security Practices and Challenges in Game Development.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024
Using AI Assistants in Software Development: A Qualitative Study on Security Practices and Concerns.
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024
2023
Dataset, September, 2023
Privacy Rarely Considered: Exploring Considerations in the Adoption of Third-Party Services by Websites.
Proc. Priv. Enhancing Technol., January, 2023
IEEE Secur. Priv., 2023
Lost and not Found: An Investigation of Recovery Methods for Multi-Factor Authentication.
CoRR, 2023
"Security is not my field, I'm a stats guy": A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry.
Proceedings of the 32nd USENIX Security Symposium, 2023
Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories.
Proceedings of the 32nd USENIX Security Symposium, 2023
"I wouldn't want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust.
Proceedings of the 32nd USENIX Security Symposium, 2023
It's like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023
Proceedings of the Nineteenth Symposium on Usable Privacy and Security, 2023
"Would You Give the Same Priority to the Bank and a Game? I Do Not!" Exploring Credential Management Strategies and Obstacles during Password Manager Setup.
Proceedings of the Nineteenth Symposium on Usable Privacy and Security, 2023
Proceedings of the IEEE Secure Development Conference, 2023
"Make Them Change it Every Week!": A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023
"We've Disabled MFA for You": An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023
2022
They Would Do Better If They Worked Together: Interaction Problems Between Password Managers and the Web.
IEEE Secur. Priv., 2022
Committed by Accident: Studying Prevention and Remediation Strategies Against Secret Leakage in Source Code Repositories.
CoRR, 2022
"Please help share!": Security and Privacy Advice on Twitter during the 2022 Russian Invasion of Ukraine.
CoRR, 2022
Where to Recruit for Security Development Studies: Comparing Six Software Developer Samples.
Proceedings of the 31st USENIX Security Symposium, 2022
Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022
27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022
How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022
If You Can't Get Them to the Lab: Evaluating a Virtual Study Environment with Security Information Workers.
Proceedings of the Eighteenth Symposium on Usable Privacy and Security, 2022
2021
Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications.
Proceedings of the 30th USENIX Security Symposium, 2021
A Large-Scale Interview Study on Information Security in and Attacks against Small and Medium-sized Enterprises.
Proceedings of the 30th USENIX Security Symposium, 2021
They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021
On the Limited Impact of Visualizing Encryption: Perceptions of E2E Messaging Security.
Proceedings of the Seventeenth Symposium on Usable Privacy and Security, 2021
Never ever or no matter what: Investigating Adoption Intentions and Misconceptions about the Corona-Warn-App in Germany.
Proceedings of the Seventeenth Symposium on Usable Privacy and Security, 2021
2020
From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security.
Proceedings of the 29th USENIX Security Symposium, 2020
Cloudy with a Chance of Misconceptions: Exploring Users' Perceptions and Expectations of Security and Privacy in Cloud Office Suites.
Proceedings of the Sixteenth Symposium on Usable Privacy and Security, 2020
Listen to Developers! A Participatory Design Study on Security Warnings for Cryptographic APIs.
Proceedings of the CHI '20: CHI Conference on Human Factors in Computing Systems, 2020
2019
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019
2018
Your Secrets Are Safe: How Browsers' Explanations Impact Misconceptions About Private Browsing Mode.
Proceedings of the 2018 World Wide Web Conference on World Wide Web, 2018
Better managed than memorized? Studying the Impact of Managers on Password Strength and Reuse.
Proceedings of the 27th USENIX Security Symposium, 2018
The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators.
Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018
Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse.
Proceedings of the Fourteenth Symposium on Usable Privacy and Security, 2018
Proceedings of the 34th Annual Computer Security Applications Conference, 2018
2017
IEEE Secur. Priv., 2017
Lessons Learned from Using an Online Platform to Conduct Large-Scale, Online Controlled Security Experiments with Software Developers.
Proceedings of the 10th USENIX Workshop on Cyber Security Experimentation and Test, 2017
Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017
Proceedings of the Thirteenth Symposium on Usable Privacy and Security, 2017
Proceedings of the IEEE Cybersecurity Development, SecDev 2017, Cambridge, MA, USA, 2017
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017
2016
On the importance of ecologically valid usable security research for end users and IT workers.
PhD thesis, 2016
Proceedings of the 25th USENIX Security Symposium, 2016
You Get Where You're Looking for: The Impact of Information Sources on Code Security.
Proceedings of the IEEE Symposium on Security and Privacy, 2016
Proceedings of the IEEE Symposium on Security and Privacy, 2016
You are Not Your Developer, Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users.
Proceedings of the IEEE Cybersecurity Development, 2016
2015
Proceedings of the 24th USENIX Security Symposium, 2015
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015
VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015
2014
You Won't Be Needing These Any More: On Removing Unused Certificates from Trust Stores.
Proceedings of the Financial Cryptography and Data Security, 2014
Proceedings of the IEEE 27th Computer Security Foundations Symposium, 2014
Hey, NSA: Stay Away from my Market! Future Proofing App Markets against Powerful Attackers.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014
Why eve and mallory (also) love webmasters: a study on the root causes of SSL misconfigurations.
Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, 2014
2013
Proceedings of the Symposium On Usable Privacy and Security, 2013
On the Acceptance of Privacy-Preserving Authentication Technology: The Curious Case of National Identity Cards.
Proceedings of the Privacy Enhancing Technologies - 13th International Symposium, 2013
Proceedings of the Financial Cryptography and Data Security, 2013
Hey, You, Get Off of My Clipboard - On How Usability Trumps Security in Android Password Managers.
Proceedings of the Financial Cryptography and Data Security, 2013
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013
2012
Proceedings of the 21st World Wide Web Conference, 2012
Proceedings of the 11th IEEE International Conference on Trust, 2012
Proceedings of the Symposium On Usable Privacy and Security, 2012
Towards privacy-preserving access control with hidden policies, hidden credentials and hidden decisions.
Proceedings of the Tenth Annual International Conference on Privacy, Security and Trust, 2012
Proceedings of the 23rd ACM Conference on Hypertext and Social Media, 2012
Proceedings of the 6th IEEE International Conference on Digital Ecosystems and Technologies, 2012
Proceedings of the ACM Conference on Computer and Communications Security, 2012
Proceedings of the ACM Conference on Computer and Communications Security, 2012
2011
Proceedings of the 19th International Euromicro Conference on Parallel, 2011