The Mobile Security Group was es­ta­blis­hed in 2014 at the Fa­cul­ty of Elec­tri­cal En­gi­nee­ring and In­for­ma­ti­on Tech­no­lo­gy and is part of the Horst-Görtz-In­sti­tu­te for IT-Se­cu­ri­ty (HGI). The group is headed by Prof. Dr. Markus Dürmuth.


Privacy Perceptions and Acceptance of Corona Apps

30.06.2020 - Theodor Schnitzler

We provide first results of our study exploring privacy perceptions and acceptance of Corona Apps in Germany. We explore how different factors affect users' willingness to use for different types of apps. Read the preprint (in German only) here .

Usenix Symposium on Usable Privacy and Security 2020 (SOUPS'20))

24.05.2020 - Florian Farke

RUB has three papers accepted at the Usenix Symposium on Usable Privacy and Security 2020 (SOUPS'20), and our group is involved in two of them:

Teaching in the Summer Term 2020

01.04.2020 - Philipp Markert

This summer term we offer the lecture Usa­ble Se­cu­ri­ty and Pri­va­cy for Master students and the lecture IT-Si­cher­heit für Geis­tes- und Ge­sell­schafts­wis­sen­schaf­ten. Both lectures will be held online. More information can be found in the respective courses on Moodle which are now open for enrollment.

We also offer the Bachelor-Seminar and Master-Seminar "Usa­ble Se­cu­ri­ty and Pri­va­cy Re­se­arch". Enrollment for this seminar is no longer possible. The Prac­tical Cour­se on Usa­ble Se­cu­ri­ty and Pri­va­cy will not be offered this semester.

This PIN Can Be Easily Guessed

11.03.2020 - Philipp Markert

Our latest work on the security of 4- and 6-digit PINs and the effect of blacklists is now available online at (news coverage can be found in English [1], [2], [3] and German [4], [5], [6]). The results will be presented at this year's IEEE Symposium on Security and Privacy in San Francisco.

Complete article

BSI updates requirements for password expiration

05.02.2020 - Markus Duermuth

The German BSI (Bundesamt für Sicherheit in der Informationstechnik) published an updated version of it's IT Baseline Protection recommendations (IT-Grundschutz), updating the requirements for password-based authentication. (In the news here, here, and here.)

> zum Nachrichtenarchiv