• nyan@lemmy.cafe
    link
    fedilink
    English
    arrow-up
    29
    ·
    9 months ago

    Security and convenience (not “speed”) always pull in opposite directions. The thing is that experts always seem to advise using the highest level of security even for trivial accounts. This creates unnecessary friction, with the result that the average person drops the effective level of security even for important accounts in order to get rid of it. This is not a new problem, just a bad article on an old problem.

    (As for cryptocurrency, just don’t.)

    • Plopp@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      9 months ago

      Yeah I read somewhere that it was considered unacceptable for people to have to wait for a couple of seconds for a password manager to open the vault after entering the password. Like, really? If those seconds mean the account is way more secure because math, isn’t it worth it? For the thing that holds all your passwords? People have become very sensitive to such things it seems.

      • nyan@lemmy.cafe
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        It takes a few seconds to type a password in manually as well, but people seem to regard the time differently if they’re actively doing something than if they’re passively waiting for something to happen. Nontechnical users regard computers and other devices as black boxes that should respond instantly to stimuli, the way purely analog equipment does. If it doesn’t, many of them treat it as broken.

        • Plopp@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Yes that does make a difference. And a good UI should of course tell the user that it’s doing aubergine in the background. For a password manager, preferably a message indicating unlocking and a progress bar of some sort instead of just a frozen window.

      • shastaxc@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Password managers typically allow you to use a session based login so you only put in the master password once until you close the browser, it set it to only prompt you every day, week, month, or never again on that device. So most of the time, those few seconds required to enter a password for a website are reduced to 0.