next up previous
Next: Security seems excessive or Up: Why do users make Previous: Users don't understand how

It gets in the way of more important things

This is one of the most important barriers to security. If secure practices are seen to get in the way of the more important things a users does (or those things which a user perceives to be most important), then these practices will be avoided by users.

A large number of support calls (estimates go as high as 70% [Trickey, 1998]) are password-related, and a large percentage of these calls are for forgotten passwords. It is fairly common practice to have users ``locked out" so they can only make a limited number of attempts to log in before they must make a support call. Getting locked out means a larger amount of wasted time for the individual, and time spent making support calls does not particularly reflect well upon an individual in a workplace. When it's so simple and seemingly harmless to write down a password, and the alternative is a lot of wasted time and potentially some loss of face, the choice seems clear. After all, the wasted time is guaranteed - an intrusion isn't all that likely, right?


next up previous
Next: Security seems excessive or Up: Why do users make Previous: Users don't understand how
Terri 2004-01-05