Security vs. UX
Security vs UX Deathmatch
@ccollingridge @Avecto @nuxuk
Security is human
We’re not making good design decisions
We can do better
Overloading memory
Nihilistic password security questions (by Soheil Rezayazdi)
What is the name of your least favorite child?
In what year did you abandon your dreams?
What is the maiden name of your father’s mistress?
At what age did your childhood pet run away?
In what city did you first experience ennui?
What is your ex-wife’s newest last name?
What sports team do you fetishize to avoid meaningful discussion with others?
What is the name of your favorite canceled TV show?
What was the middle name of your first rebound?
On what street did you lose your childlike sense of wonder?
Technically driven barriers
Relying on users making good decisions
MyOnlineSecurity
Not promoting good practice
Security is human
We’re not making good design decisions
We can do better
Encourage two-factor
Stand on the shoulders of giants
Start thinking about biometrics
Encourage passphrases
Password-less login
“Regular password changing harms rather than improves security, so avoid placing this burden on users. However, users must change their passwords on indication or suspicion of compromise.”
Don’t break password managers
Set safe defaults; be proactive
Create secure-by-design places
Security is not an inconvenience, but a human need
Good security serves your user, your organisation, and the wider world
You can design for better security and less friction
Joachim S. Müller
Security vs UX Deathmatch Romance
Be the love you want to feel
@ccollingridge
@Avecto
@nuxuk