Hacker News
by scottlamb 964 days ago
> People have long lost the difference in meaning between "security" and "convenience". They now believe the two are interchangeable.

Not sure they're wrong. There are so many IT departments and websites that force dumb practices which are detrimental to both: frequent password changes, required low-entropy recovery question options, etc. And then on the other side, some really convenient flows with reasonable security, e.g. streaming apps that show you a short temporary credential you can copy from your Roku's screen to your signed-in computer/phone rather than requiring you downgrade your permanent password to something easier to enter on the Roku keyboard. So while fundamentally you're right that "security" and "convenience" are in tension, in practice I think the bigger factor is competence and care of the dev and admin teams.