Professor M. Angela Sasse

Quick Links: Research Projects | Publications | PhD Students

Photo of Angela SasseHead of Information Security Research

Director of the UK Research Institute in Science of Cyber Security (RISCS


Office: 6.22, Malet Place Engineering

Tel: +44 020 7679 7212

Fax: +44 020 7387 1397

Email: a.sasse [at]


Research interests: how we design and implement innovative technologies that are fit for purpose, value for money, and improve productivity and well-being of individuals and society.

Angela's full research portrait can be found here


Current research projects

- Productive Security


Short Biography

Read psychology in Germany and holds an M.Sc. in Occupational Psychology from Sheffield University, and a PhD in Computer Science (on Users' Models) from the University of Birmingham. Worked as a Human Factors Specialist for Philips Corporate Industrial Design in 1990. Started as Lecturer in the Department of Computer Science at UCL in November 1990.

Beyond UCL


Research Fellows: Dr. Adam Beautement, Dr. Simon Parkin, Dr. Granville Moore, Dr. Brian Glass

Current PhD students: Martin Ruskov, Inka Karppinen, Anthony Morton, Kat Krol, Iacovos Kirlappos, Ingolf Becker

List of all PhD students

Recent Publications

  • Angela Sasse, M. (2014). "Technology should be smarter than this!": A vision for overcoming the great authentication fatigue. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 8425 LNCS, 33-36 doi:10.1007/978-3-319-06811-4_7
  • Kirlappos, I., Sasse, M. A. (2014). What Usable Security Really Means: Trusting and Engaging Users. HCI International. Publisher URL
  • Kirlappos, I., Parkin, S., Sasse, M. A. (2014). Learning from “Shadow Security”: Why understanding non-compliance provides the basis for effective security. Workshop on Usable Security.
  • Sasse, M. A., Kirlappos, I. (2014). Design for Trusted and Trustworthy Services: Why We Must Do Better. In Trust, Computing, and Society ( pp.229-249). Cambridge University Press. Publisher URL
  • Sasse, M. A., Palmer, C. C. (2014). Protecting you. IEEE Security and Privacy 12(1), 11-13 doi:10.1109/MSP.2014.11.
  • Sasse, M. A., Steves, M., Krol, K., Chisnell, D. (2014). The Great Authentication Fatigue – And How to Overcome It. Cross-Cultural Design 6th International Conference, CCD 2014 Held as Part of HCI International 2014 Heraklion, Crete, Greece, June 22-27, 2014: Proceedings. ( Vol. 8528 pp.228-228). Cham, Switzerland Springer International Publishing. Publisher URL
  • Ashenden, D., Sasse, A. (2013). CISOs and organisational culture: Their own worst enemy? Computers & Security 39, 396-405, PB doi:10.1016/j.cose.2013.09.004.
  • Bartsch, S., Sasse, M. A. (2013). How Users Bypass Access Control - And Why: The Impact Of Authorization Problems On Individuals And The Organization. Proceedings of the 21st European Conference on Information Systems. ( pp.Paper 53-). Utrecht, Netherland Publisher URL
  • Brostoff, S., Jennett, C., Malheiros, M., Sasse, M. A. (2013). Federated identity to access e-government services - Are citizens ready for this? Proceedings of the 2013 ACM workshop on Digital identity management. ( pp.97-108). New York, NY, USA ACM.
  • Huth, M., Kuo, J. H., Sasse, M. A., Kirlappos, I. (2013). Towards Usable Generation and Enforcement of Trust Evidence from Programmers’ Intent. Human Aspects of Information Security, Privacy, and Trust. Publisher URL
  • Kirlappos, I., Beautement, A., Sasse, M. A. (2013). “Comply or Die” Is Dead: Long Live Security-Aware Principal Agents. Financial Cryptography and Data Security.
  • Malheiros, M., Preibusch, S., Sasse, M. A. (2013). "Fairly truthful": The impact of perceived effort, fairness, relevance, and sensitivity on personal data disclosure. Trust and Trustworthy Computing. ( pp.250-266). London Springer Berlin Heidelberg. Publisher URL
  • Sasse, M. A., Krol, K. (2013). Usable biometrics for an ageing population. In Fairhurst, M. (Ed.). Age factors in biometric processing ( pp.303-320). Stevenage, UK IET. Publisher URL
  • Bartsch, S. and Sasse M.A. (2012) Guiding decisions on authorization policies: a participatory approach to decision support. Proceedings of the 27th Annual ACM Symposium on Applied Computing. ACM, New York, NY, USA. 1502-1507.
  • Jennett, C., Brostoff, S., Malheiros, M., Sasse, M. A. (2012). Adding insult to injury: consumer experiences of being denied credit. International Journal of Consumer Studies 36(5), 549-555
  • Kirlappos, I., Sasse, M. A. (2012). Security Education against Phishing: A Modest Proposal for a Major Rethink. IEEE Security and Privacy Magazine 10(2), 24-32
  • Kirlappos, I., Sasse, M. A., Harvey, N. (2012). Why Trust Seals Don't Work: A Study of User Perceptions and Behavior. In Katzenbeisser, S., Weippl, E., Camp, L., Volkamer, M., Reiter, M., Zhang, X. (Eds.). Trust and Trustworthy Computing 7344, 308-324. Berlin/Heidelberg: Springer.
  • Malheiros, M., Jennett, C., Patel, S., Brostoff, S., Sasse, M. A. (2012). Too close for comfort: A study of the effectiveness and acceptability of rich-media personalized advertising. Proceedings of the 2012 ACM annual conference on Human Factors in Computing Systems. 579-588. New York, NY, USA: ACM.
  • Zhang, M., Jennett, C., Malheiros, M., and Sasse, M. A. (2012). Data after death: User requirements and design challenges for SNSs and email providers. Presented at Memento Mori: Technology Design for the End of Life (CHI Workshop 2012), Austin, Texas, 05 May 2012 - 10 May 2012
  • Sasse, M. A., Kirlappos, I. (2012). Familiarity Breeds Con-victims: Why We Need More Effective Trust Signaling. In Wakeman, I., Gudes, E., Jensen, C. D., Crampton, J. (Eds.). Trust Management V. Springer-Verlag New York Inc.
  • Malheiros, M., Brostoff, S., Jennett, C. and Sasse, M. A. (2012). Would You Sell Your Mother's Data for a Credit Card? Personal Data Disclosure in a Simulated Credit Card Application. Proceedings of WEIS 2012, Berlin, Germany, 25-26 June.
  • Conti, N., Jennett, C., Maestre, J., and Sasse, M. A. (2012). When did my mobile turn into a 'sellphone'? A study of consumer responses to tailored smartphone ads. BCS-HCI '12 Proceedings of the 26th Annual BCS Interaction Specialist Group Conference on People and Computers, 2012 pp.215-220. Swinton, UK:British Computer Society.
  • Jennett, C., Malheiros, M., Brostoff, S., and Sasse, M. A. (2012). Privacy for applicants versus lenders' needs for predictive power: Is it possible to bridge the gap? In Gutwirth, S., Leenes, R., De Hert, P., Poullet, Y. (Eds.)European Data Protection: In Good Health?, 2012 pp.35-51. SpringerLink.
  • Porter C., Sasse M. A., and Letier E. (2012). Designing acceptable user registration processes for e-services. In Proceedings of HCI 2012 The 26th BCS Conference on Human Computer Interaction. Birmingham, UK, 12 - 14 September 2012
  • Krol, K., Moroz, M. and Sasse, M. A. (2012). Don't Work. Can't Work? Why It's Time to Rethink Security Warnings. 7th International Conference on Risks and Security of Internet and Systems (CRiSIS 2012), 10-12 October 2012, Cork, Ireland.
  • Bartsch, S. and Sasse M.A. (2012) How Users Bypass Access Control and Why: The Impact of Authorization Problems on Individuals and the Organization. Technical Report RN/12/06. Department of Computer Science, University College London. London, UK.

List of all publications

This page was last modified on 12 May, 2015


Internal Links


  • PhD Tutor 1999-2007
  • Chair of Exam Board (Undergraduate) 1998-2000.


Research Students