Directory

Lorrie Faith Cranor is the Director and Bosch Distinguished Professor in Security and Privacy Technologies of CyLab and the FORE Systems University Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She also directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program. In 2016 she served as Chief Technologist at the US Federal Trade Commission, working in the office of Chairwoman Ramirez. She is also a co-founder of Wombat Security Technologies, Inc, a security awareness training company that was acquired by Proofpoint.

She has authored more than 200 research papers on online privacy, usable security, and other topics. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O'Reilly 2005) and founded the Symposium On Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O’Reilly 2002). She has served on a number of boards and working groups, including the Electronic Frontier Foundation Board of Directors, the Computing Research Association Board of Directors, the Aspen Institute Cybersecurity Group, and on the editorial boards of several journals.

In her younger days she was honored as one of the top 100 innovators 35 or younger by Technology Review magazine. More recently she was elected to the ACM CHI Academy, named an ACM Fellow for her contributions to usable privacy and security research and education, and named an IEEE Fellow for her contributions to privacy engineering. She has also received an Alumni Achievement Award from the McKelvey School of Engineering at Washington University in St. Louis, the 2018 ACM CHI Social Impact Award, the 2018 International Association of Privacy Professionals Privacy Leadership Award, and (with colleagues) the 2018 IEEE Cybersecurity Award for Practice.

She was previously a researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University. She holds a doctorate in Engineering and Policy from Washington University in St. Louis. In 2012-13 she spent her sabbatical as a fellow in the Frank-Ratchye STUDIO for Creative Inquiry at Carnegie Mellon University where she worked on fiber arts projects that combined her interests in privacy and security, quilting, computers, and technology. She practices yoga, plays soccer, walks to work, and runs after her three children.

Office
2107 Collaborative Innovation Center
Phone
412.268.7534
Email
lorrie@cs.cmu.edu
Google Scholar
Lorrie Cranor
Websites
Lorrie Cranor's website

Improving Transparency for Online Privacy

What's Next

Online Security and Privacy

Education

1996 Doctor of Science, Engineering and Policy, Washington University

1996 MS, Computer Science, Washington University

1993 MS, Technology and Human Affairs, Washington University

1992 BS, Engineering and Public Policy, Washington University

Affiliations

Research Interests

Media mentions


CNET

Cranor discusses passkey security

CyLab Director Lorrie Cranor was quoted by CNET about Microsoft’s switch to passkeys.

The Washington Post

Cranor quoted on iris-scanning technology

CyLab Director Lorrie Cranor was quoted by The Washington Post about World’s iris-scanning technology.

The Washington Post

Cranor quoted on access to data in cases of theft

CyLab Director Lorrie Cranor was quoted by the Washington Post about how the owners of stolen Apple products cannot regain access to their data.

Dark Reading

Cranor discusses Gmail cybersecurity

CyLab Director Lorrie Cranor spoke with Dark Reading about the importance of securing one’s devices and accounts, regardless of encryption protections companies like Gmail install in their software.

See More Mentions

POLITICO

Cranor quoted on the importance of appropriate security of government communications

CyLab Director Lorrie Cranor was quoted in POLITICO regarding the recent “Signalgate” controversies generated by national security advisors, as she spoke about the importance of government communications being secured against attackers.

The Wall Street Journal

Cranor quoted on Signal group chat

CyLab Director Lorrie Cranor was quoted in The Wall Street Journal about how employees often prioritize convenience over security at work.

CyLab Security and Privacy Institute

CyLab researchers win Test of Time Award at USEC 2025

A team featuring CyLab researchers was honored with the Test of Time Award at the 2025 Symposium on Usable Security and Privacy (USEC 2025).

CyLab Security and Privacy Institute

Understanding YouTube giveaway scams: are teens more susceptible?

A team of Carnegie Mellon University researchers recently conducted human subjects research to learn more about the nature of YouTube giveaway scams, and determine whether teens are more susceptible to falling for them than adults.

CyLab Security and Privacy Institute

CyLab faculty, students to present at NDSS Symposium 2025

Carnegie Mellon faculty and students will present on a wide range of topics at the 32nd Annual Network and Distributed System Security (NDSS) Symposium. Held at Wyndham San Diego Bayside from February 24th through the 28th, the event fosters information exchange among researchers and practitioners of network and distributed system security.

CyLab Security and Privacy Institute

CMU and CLP Celebrate International Data Privacy Day on January 26

In celebration of International Privacy Day, Carnegie Mellon University is collaborating with Carnegie Library of Pittsburgh (CLP) to host Data Privacy Day 2025 on Sunday, January 26 from 10 a.m. to 2 p.m. at CLP-Main (Oakland).

CyLab Security and Privacy Institute

Applications open for CMU Ph.D. programs in cybersecurity and privacy

Carnegie Mellon University offers several Ph.D. programs that attract students interested in pursuing research careers in security and privacy.

CyLab Security and Privacy Institute

CyLab hosts industry leaders at the 2024 Partners Conference

CyLab's focus on institutional and corporate collaboration was on full display at its annual Partners Conference, which highlighted the latest research in security and privacy with an interactive forum between faculty, students, industry, and government.

Update your page