|
|
|
|
|
|
by PoachedEggs
638 days ago
|
|
|
> probably a net downgrade in security posture, as user friction just normalises a culture of circumvention There is even a CWE for this concept: “CWE-655: Insufficient Psychological Acceptability” > The product has a protection mechanism that is too difficult or inconvenient to use, encouraging non-malicious users to disable or bypass the mechanism, whether by accident or on purpose. |
|
|