Contact

S/MIME-Certificate: certificate

Curriculum Vitae

Tobias Länge has been working as a scientific researcher in the SECUSO Research Group of Prof. Dr. Melanie Volkamer since 2022. He completed his Master’s degree in Computer Science at the Karlsruhe Institute of Technology (KIT) in 2022.

Tobias Länge is part of the "Human & Societal Factors" team within Engineering Secure Systems (ESS), established initially in 2011 as one of three competence centers for Cybersecurity in Germany by the Federal Ministry for Education and Research. His current research focuses on the security of QR code scanners and the reproducibility of academic research. Previously, he has conducted work on authentication mechanisms in virtual reality, email security standards such as DMARC, user phishing awareness, and the development of QR code phishing detection aids for end-users.

Within the group, he manages the Privacy Friendly Apps (PFA) portfolio and is helps out administering the group’s internal IT infrastructure.

Research Interests

Phishing Prevention & User Awareness
Research Reproducibility & Open Science

Publications

2026

Conference Papers

Development, Evaluation, and Implementation of SEQR -- a Usable Secure QR Code Scanner
Mossano, M.; Fabian Veit, M.; Länge, T.; Maximilian Berens, B.; Sharevski, F.; Volkamer, M.
2026. Proceedings of the 2026 CHI Conference on Human Factors in Computing Systems, 1–33, Association for Computing Machinery (ACM). doi:10.1145/3772318.3793213

Implementing and Evaluating the Usability of Reliable Voter Complaints in E2E Verifiable Remote Electronic Voting
Hilt, T.; Mack, C.; Matheis, P.; Berens, B.; Länge, T.; Haenni, R.; Koenig, R. E.; Locher, P.; Volkamer, M.
2026. 11th IEEE European Symposium on Security and Privacy (EuroS&P)

From Matrix to Metrics: Introducing and Applying a Configuration Matrix to Evaluate DMARC Policies
Länge, T.; Ballreich, F. L.; Hennig, A.; Mayer, P.; Volkamer, M.
2026. Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) 2026 : Co-located with NDSS Symposium 2026, San Diego, CA, 23rd February - 27th February 2026. doi:10.14722/madweb.2026.23031

Reports/Preprints

Comprehensive List of User Deception Techniques in Emails
Veit, M.; Mossano, M.; Länge, T.; Volkamer, M.
2026. arxiv. doi:10.48550/arXiv.2604.04926

2024

Conference Papers

Vision: Towards Fully Shoulder-Surfing Resistant and Usable Authentication for Virtual Reality
Länge, T.; Matheis, P.; Düzgün, R.; Volkamer, M.; Mayer, P.
2024. Symposium on Usable Security and Privacy (USEC) 2024 : Co-located with NDSS Symposium 2024, San Diego, CA, 26th February - 1st March 2024. doi:10.14722/usec.2024.23092

2022

Conference Papers

PassGlobe: Ein Shoulder-Surfing resistentes Authentifizierungsverfahren für Virtual Reality Head-Mounted Displays
Länge, T.; Matheis, P.; Düzgün, R.; Mayer, P.; Volkamer, M.
2022. Mensch und Computer 2022 - Workshopband. Ed.: K. Marky, Gesellschaft für Informatik (GI). doi:10.18420/muc2022-mci-ws01-462

Reports/Preprints

Development and Evaluation of an Anti-Phishing Shooting Game
Dietmann, H.; Länge, T.; Matheis, P.; Pawelek, A. A.; Berens, B.; Mossano, M.; Veit, M.; Mayer, P.; Volkamer, M.
2022. Karlsruher Institut für Technologie (KIT). doi:10.5445/IR/1000153329

Posters

The Phishing Master Anti-Phishing Game
Dietmann, H.; Länge, T.; Matheis, P.; Pawelek, A. A.; Berens, B.; Mossano, M.; Veit, M.; Mayer, P.; Volkamer, M.
2022, December 8. Annual Computer Security Applications Conference (ACSAC 2022), Austin, TX, USA, December 5–9, 2022