M. Angela Sasse

Professor M. Angela Sasse

Quick Links: Research Projects | Publications | PhD Students

Photo of Angela SasseHead of Information Security Research

Director of the Science of Cyber Security Research Institute


Office: 6.06, Malet Place Engineering

Tel: +44 020 7679 7212

Fax: +44 020 7387 1397

Email: a.sasse [at] cs.ucl.ac.uk


Research interests: how we design and implement innovative technologies that are fit for purpose, value for money, and improve productivity and well-being of individuals and society.

Angela's full research portrait can be found here


Current research projects

- Productive Security



- Usable Security

The Information Security Group has been integrated with Angela's research on Human-Centred Systems. This new web presence is still evolving to incorporate all the facets of the newly formed research group.


Short Biography

Read psychology in Germany and holds an M.Sc. in Occupational Psychology from Sheffield University, and a PhD in Computer Science (on Users' Models) from the University of Birmingham. Worked as a Human Factors Specialist for Philips Corporate Industrial Design in 1990. Started as Lecturer in the Department of Computer Science at UCL in November 1990.

Beyond UCL


Research Fellows: Dr. Adam Beautement, Dr. Simon Parkin, Dr. Granville Moore 

Current PhD students: Martin Ruskov, Inka Karppinen, Anthony Morton, Kat Krol, Iacovos Kirlappos, Ingolf Becker

List of all PhD students

Recent Publications

  • Ashenden, D., Sasse, A. (2013). CISOs and organisational culture: Their own worst enemy? Computers & Security 39, 396-405, PB doi:10.1016/j.cose.2013.09.004.
  • Bartsch, S., Sasse, M. A. (2013). How Users Bypass Access Control - And Why: The Impact Of Authorization Problems On Individuals And The Organization. Proceedings of the 21st European Conference on Information Systems. ( pp.Paper 53-). Utrecht, Netherland Publisher URL
  • Brostoff, S., Jennett, C., Malheiros, M., Sasse, M. A. (2013). Federated identity to access e-government services - Are citizens ready for this? Proceedings of the 2013 ACM workshop on Digital identity management. ( pp.97-108). New York, NY, USA ACM.
  • Huth, M., Kuo, J. H., Sasse, M. A., Kirlappos, I. (2013). Towards Usable Generation and Enforcement of Trust Evidence from Programmers’ Intent. Human Aspects of Information Security, Privacy, and Trust. Publisher URL
  • Kirlappos, I., Beautement, A., Sasse, M. A. (2013). “Comply or Die” Is Dead: Long Live Security-Aware Principal Agents. Financial Cryptography and Data Security.
  • Malheiros, M., Preibusch, S., Sasse, M. A. (2013). "Fairly truthful": The impact of perceived effort, fairness, relevance, and sensitivity on personal data disclosure. Trust and Trustworthy Computing. ( pp.250-266). London Springer Berlin Heidelberg. Publisher URL
  • Sasse, M. A., Krol, K. (2013). Usable biometrics for an ageing population. In Fairhurst, M. (Ed.). Age factors in biometric processing ( pp.303-320). Stevenage, UK IET. Publisher URL
  • Bartsch, S. and Sasse M.A. (2012) Guiding decisions on authorization policies: a participatory approach to decision support. Proceedings of the 27th Annual ACM Symposium on Applied Computing. ACM, New York, NY, USA. 1502-1507.
  • Jennett, C., Brostoff, S., Malheiros, M., Sasse, M. A. (2012). Adding insult to injury: consumer experiences of being denied credit. International Journal of Consumer Studies 36(5), 549-555
  • Kirlappos, I., Sasse, M. A. (2012). Security Education against Phishing: A Modest Proposal for a Major Rethink. IEEE Security and Privacy Magazine 10(2), 24-32
  • Kirlappos, I., Sasse, M. A., Harvey, N. (2012). Why Trust Seals Don't Work: A Study of User Perceptions and Behavior. In Katzenbeisser, S., Weippl, E., Camp, L., Volkamer, M., Reiter, M., Zhang, X. (Eds.). Trust and Trustworthy Computing 7344, 308-324. Berlin/Heidelberg: Springer.
  • Malheiros, M., Jennett, C., Patel, S., Brostoff, S., Sasse, M. A. (2012). Too close for comfort: A study of the effectiveness and acceptability of rich-media personalized advertising. Proceedings of the 2012 ACM annual conference on Human Factors in Computing Systems. 579-588. New York, NY, USA: ACM.
  • Zhang, M., Jennett, C., Malheiros, M., and Sasse, M. A. (2012). Data after death: User requirements and design challenges for SNSs and email providers. Presented at Memento Mori: Technology Design for the End of Life (CHI Workshop 2012), Austin, Texas, 05 May 2012 - 10 May 2012
  • Sasse, M. A., Kirlappos, I. (2012). Familiarity Breeds Con-victims: Why We Need More Effective Trust Signaling. In Wakeman, I., Gudes, E., Jensen, C. D., Crampton, J. (Eds.). Trust Management V. Springer-Verlag New York Inc.
  • Malheiros, M., Brostoff, S., Jennett, C. and Sasse, M. A. (2012). Would You Sell Your Mother's Data for a Credit Card? Personal Data Disclosure in a Simulated Credit Card Application. Proceedings of WEIS 2012, Berlin, Germany, 25-26 June.
  • Conti, N., Jennett, C., Maestre, J., and Sasse, M. A. (2012). When did my mobile turn into a 'sellphone'? A study of consumer responses to tailored smartphone ads. BCS-HCI '12 Proceedings of the 26th Annual BCS Interaction Specialist Group Conference on People and Computers, 2012 pp.215-220. Swinton, UK:British Computer Society.
  • Jennett, C., Malheiros, M., Brostoff, S., and Sasse, M. A. (2012). Privacy for applicants versus lenders' needs for predictive power: Is it possible to bridge the gap? In Gutwirth, S., Leenes, R., De Hert, P., Poullet, Y. (Eds.)European Data Protection: In Good Health?, 2012 pp.35-51. SpringerLink.
  • Porter C., Sasse M. A., and Letier E. (2012). Designing acceptable user registration processes for e-services. In Proceedings of HCI 2012 The 26th BCS Conference on Human Computer Interaction. Birmingham, UK, 12 - 14 September 2012
  • Krol, K., Moroz, M. and Sasse, M. A. (2012). Don't Work. Can't Work? Why It's Time to Rethink Security Warnings. 7th International Conference on Risks and Security of Internet and Systems (CRiSIS 2012), 10-12 October 2012, Cork, Ireland.
  • Bartsch, S. and Sasse M.A. (2012) How Users Bypass Access Control and Why: The Impact of Authorization Problems on Individuals and the Organization. Technical Report RN/12/06. Department of Computer Science, University College London. London, UK.

List of all publications

This page was last modified on 11 February, 2014


Internal Links


  • PhD Tutor 1999-2007
  • Chair of Exam Board (Undergraduate) 1998-2000.


Research Students