Lujo Bauer is a professor in the Electrical and Computer Engineering Department and in the Institute for Software Research at Carnegie Mellon University. He received his B.S. in Computer Science from Yale University in 1997 and his Ph.D. in Computer Science from Princeton University in 2003.

Bauer's research interests span many areas of computer security and privacy, and include building usable access-control systems with sound theoretical underpinnings, developing languages and systems for run-time enforcement of security policies on programs, and generally narrowing the gap between a formal model and a practical, usable system. His recent work focuses on developing tools and guidance to help users stay safer online, and in examining how advances in machine learning can lead to a more secure future.

Bauer served as the program chair for the flagship computer security conferences of the IEEE (S&P 2015) and the Internet Society (NDSS 2014) and is an associate editor of ACM Transactions on Information and System Security.

2203 Collaborative Innovation Center
Google Scholar
Lujo Bauer
Lujo Bauer's website

Helping Users Manage Online Data

On the Future of AI


2003 Ph.D., Computer Science, Princeton University

1999 MA, Computer Science, Princeton University

1997 BS, Computer Science, Yale University


Media mentions

CyLab Security and Privacy Institute

Three CyLab papers presented at the FTC’s PrivacyCon 2020

Three CyLab papers were presented at this year's PrivacyCon, focusing on privacy and security nutrition labels, making privacy choices easier, and perceptions of advanced video analytics.


Bauer on password safety

CyLab/ECE’s Lujo Bauer was quoted in a Forbes article about the importance of creating safe, unique passwords. “Reusing the same or a slightly changed password across accounts is a huge source of risk,” he said.

The Wall Street Journal

Bauer quoted on data privacy

CyLab/ECE’s Lujo Bauer was quoted in The Wall Street Journal on a new messaging app called Signal.

Fox News

Bauer quoted on password security

CyLab’s Lujo Bauer was quoted in Fox News on how users can keep their accounts safe using passwords.

CyLab Security and Privacy Institute

After a breach, users rarely change their passwords, and when they do, they’re often weaker

A recent study authored by CyLab researchers shows that only a minority of people change their passwords after a security breach, and those that do often change them to weaker ones.

CyLab Security and Privacy Institute

Passwords research group awarded the 2020 Allen Newell Award for Research Excellence

A group of CyLab faculty and graduate students were just awarded the Allen Newell Award for Research Excellence for their contributions from a decade of passwords research.

CyLab Security and Privacy Institute

Q&A with Lujo Bauer

Many Americans are entering their fifth of working remotely, which has resulted in new paradigms in their own and their employers’ cybersecurity and privacy. CyLab's Lujo Bauer has been monitoring the situation.

The Next Web

Bauer and Sharif cited on facial recognition

A paper on facial recognition by ECE/CyLab’s Lujo Bauer and Mahmood Sharif was cited in an article by The Next Web about deep learning advances for computer vision.

CyLab Security and Privacy Institute

Edge computing, ad-blocking, and more: CyLab announces 2020 seed funding awardees

Over $500K in seed funding has been awarded to 10 different CyLab faculty in six different departments across three colleges at CMU.

CyLab Security and Privacy Institute

Second round of Secure and Private IoT Initiative funded projects announced

Carnegie Mellon CyLab’s Secure and Private IoT Initiative (IoT@CyLab) has announced its second round of funding, which will support ten IoT-related projects for one year.

The Atlantic

Bauer and Sharif’s “special glasses” mentioned in The Atlantic

CyLab/ECE’s Lujo Bauer and Mahmood Sharif’s “special glasses” were mentioned in The Atlantic in an article about online privacy.

CyLab Security and Privacy Institute

Why people (don’t) use password managers effectively

A recent study by a team of CyLab researchers, including Pearman, provides some insight into how ineffectively people may be using password managers, potentially nullifying the benefits the managers are meant to provide.