Security in UI

Posted on March 15th, 2008 by Chris.
Categories: Chris, General/Misc., Product Design, Programming, UI Design.

One of the most common ways to secure a computer is by using a username/password combination. (In fact, we don’t have to look far to find an example.) However, this system is clunky, primarily because it requires you to remember or write down the username and password for every site (or, alternatively, to use the same password everywhere).

Security is not just about locking down a system from a list of attacks. The way you design a UI dictates how people behave, and people’s behavior is responsible for 90% of attacks. [citation needed] Defaults matter. No one forgets to lock an automatically locking door.

The fact is, while a security system must be set up to prevent hacking attacks, guesswork, and theft, it must also be designed in a way that leads people to behave more securely. When you have a system where keys are hard to create but easy to copy, naturally, people will end up using the same keys at eBay that they do at Flickr.

The need to “educate users” is an indication of design failure.

2 comments.

Tim

Comment on March 23rd, 2008.

This is one of the 3 ‘D’s of the SDL. Secure by Design, Secure by Default, Secure in Deployment. You can see this in the design of Windows Server 2008. The default configuration forces strong passwords to be required. By default, a strong list of firewall rules is in place. By default, all nonessential network services are disabled.

Chris

Comment on May 22nd, 2008.

Having finally slogged through half of that terrible SDL document, I’ll agree - this is specifically secure by design, though perhaps with a stress on innovation to make new methods of secure design.
