I am doing a Coursera course called Usable Security which – as you would expect – is all about improving the security of systems through better usability.
It’s hard to dispel the opinion common among developers that usability and security are somehow inversely proportionate; that rock-solid secure systems are of necessity hard to use, and that improving their usability must degrade their security. Quite the opposite is true in fact. Systems with a large potential for serious damage should be foolproof and that’s where usability comes in. Making them hard to learn only makes them more error-prone. Continue reading “Security as an afterthought”