|
|
|
|
|
|
by seabass-labrax
1068 days ago
|
|
|
True, but "user secrets stolen, game over" is a much more healthy starting point than "user secrets stolen, well, maybe we can let criminals use only 10% of them by making login attempts more difficult". The latter means you can say "we reduced malicious logins by 90%" when what you are really doing is reducing all unusual logins by 90%. It's true that security audits don't guarantee success, but that percentage likelihood of security improvement comes at no cost to usability. |
|
|