Week 11 Flashcards
(15 cards)
What is usable security?
Security that is easy to use and understand without making the system less safe.
Why is usable security important?
If a system is too hard to use, people may avoid or disable the security features.
Who are the typical users in security systems?
General users (like website visitors) and technical users (like admins or developers).
What is “psychological acceptability” in security?
Security should be simple and not get in the user’s way.
What happens when users don’t understand security goals?
They may ignore important protections or make unsafe choices.
Why are too many choices bad for security?
They confuse users and lead to mistakes.
Why shouldn’t we blame users for security mistakes?
Systems should be designed to help users do the right thing easily.
What is phishing?
A fake website or email that tricks users into giving away personal info.
How can systems protect against phishing?
By detecting it and warning users automatically.
Why are passwords a usability problem?
Users struggle to remember many strong, unique passwords.
What helps solve password problems?
Password managers and two-factor authentication (2FA).
What does “default to secure” mean?
Systems should start in a secure state without extra setup.
What’s an example of balancing security and usability?
A bank app that keeps you logged in just long enough: not forever, but not for too short a time either.
Name a tool that helps with usable security.
Security indicators (like the padlock in a browser) or automatic software updates.
What’s the goal of user-centred security design?
Make secure behavior the easiest and most natural option.