Nicolas Christin is an associate professor at Carnegie Mellon University, jointly appointed in the School of Computer Science and the Department of Engineering & Public Policy. He is affiliated with the Institute for Software Research and is a core faculty member in CyLab, the university-wide information security institute. He also has courtesy appointments in the Information Networking Institute and the Department of Electrical and Computer Engineering. Christin holds a Diplôme d'Ingénieur from l'École centrale de Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. He was a researcher in the School of Information at the University of California, Berkeley, prior to joining Carnegie Mellon in 2005.

2202 Collaborative Innovation Center
Google Scholar
Nicolas Christin
Nicolas Christin's website

Studying Cybercrime for Prevention and Enforcement


2003 Ph.D., Computer Science, University of Virginia

2000 MS, Computer Science, University of Virginia

1999 Diplôme d'Ingénieur, École Centrale Lille, Franc


Media mentions

CMU Engineering

Why people (don’t) use password managers effectively

A recent study by a team of CyLab researchers, including Pearman, provides some insight into how ineffectively people may be using password managers, potentially nullifying the benefits the managers are meant to provide.

CMU Engineering

Security and privacy need to be easy

In 2005, Carnegie Mellon hosted a first-of-its-kind conference that brought together researchers from dozens of universities and companies around the world with one mission: make privacy and security tools easier to use. That conference, the Symposium On Usable Privacy and Security (SOUPS), is holding its 15th annual meeting next month. SOUPS, as well as the entire usable privacy and security field, have deep roots at CMU.


Christin says dark-web ecosystem undented by law enforcement efforts

CyLab’s Nicolas Christin takes a look at law enforcement officials’ struggle to deter new dark-web marketplaces from growing in the wake of major law enforcement busts.

CMU Engineering

Blame the tech, not the users

A recent study led by researchers in Carnegie Mellon University’s CyLab found that when a personal device has fallen victim to some sort of cyberattack, users often misdiagnose what exactly is going on–but they’re not the ones to blame.

CMU Engineering

2019 Dean’s Early Career Fellows

Three young faculty members have been granted the 2019 Dean’s Early Career Fellowship to enable their continued contributions to their respective fields.

CMU Engineering

Preventing exposure to malicious websites

A team of CyLab researchers have developed a mechanism that detects when users may be about to visit a malicious website.

CMU Engineering

As advertised? Exposing lies about VPN locations

A strange observation led a CyLab researcher to figure out how to detect when VPN services are lying about their location.

The Piper (CMU)

College of Engineering faculty awarded the IEEE Cybersecurity Award

At the IEEE Cybersecurity Development Conference, ECE/CyLab’s Lujo Bauer, EPP/CyLab’s Nicolas Christin, and EPP/CyLab’s Lorrie Cranor received the IEEE Cybersecurity Award for Practice for their research on how to make passwords easier for users but harder for hackers to guess.

CMU Engineering

CyLab study finds users may be over-confident in protections of private browsing

A team of researchers from the CyLab Usable Privacy and Security Lab analyzed 450 consenting users' browsing behaviors over a three-year period. Their study was presented at last month's Symposium on Usable Privacy and Security in Baltimore.

NBC News

Christin quoted on the dangers of typosquatters

CyLab/EPP’s Nicholas Christin spoke with NBC News about criminals known as “typosquatters,” who use people’s common spelling mistakes (such as typing “.cm” instead of “.com”) to take them to fake websites, exposing them to cyber-attacks.

CMU Engineering

What happens when you deploy 2-factor authentication at a university?

“It’s not actually that horrible,” one survey respondent said about using a security feature called 2-factor authentication (2FA) to access their Carnegie Mellon account.


CyLab finds 2FA had unexpected positive reception

CyLab researchers investigated CMU faculty and staff's reactions to two-factor authentication and found unexpectedly positive reception.