Security in UI

Posted on March 15th, 2008 by Chris.
Categories: Chris, General/Misc., Product Design, Programming, UI Design.

One of the most common ways to secure a computer is with a username/password combination. (In fact, we don’t have to look far to find an example.) However, this system is clunky, primarily because it requires you to remember or write down the username and password for every site (or, alternatively, use the same password everywhere).

Security is not just about locking down a system from a list of attacks. The way you design a UI dictates how people behave, and people’s behavior is responsible for 90% of attacks. [citation needed] Defaults matter. No one forgets to lock an automatically locking door.

The fact is, while a security system must be set up to prevent hacking attacks, guesswork, and theft, it must also be designed in a way that leads people to behave more securely. When keys are hard to create but easy to copy, people will naturally end up using the same keys at eBay that they do at Flickr.

The need to “educate users” is an indication of design failure.
