[captainbland]

More likely the reward is people complaining about how inconvenient the new security process is for the next 20 years. "Oh I have to rotate keys now..." "I liked it better when it told me my password was wrong outright" "entering an MFA token from my phone is annoying" etc.

[crosser]

Heh that may be true sometimes. Though in my perception, "writing secure code" is more about sanitizing input and preventing buffer overflows than about enforcing secure practices on the user...