http://log.reflectivesurface.com/2004/01/21/security-vs-usability/ Still powered by a contradiction in terms Thu, 20 Nov 2008 14:20:39 +0000 http://wordpress.org/?v=2.6.3 http://log.reflectivesurface.com/2004/01/21/security-vs-usability/#comment-250 Ronaldo Thu, 22 Jan 2004 03:13:31 +0000 http://log.reflectivesurface.com/2004/01/21/security-vs-usability/#comment-250 You're quite right. I hadn't thought about it from this point of view. I guess that goes to prove that security is even harder to do right than it appears. Preventing the attack while still allowing valid users access to the system seems a tough problem. You’re quite right. I hadn’t thought about it from this point of view. I guess that goes to prove that security is even harder to do right than it appears. Preventing the attack while still allowing valid users access to the system seems a tough problem.

]]> http://log.reflectivesurface.com/2004/01/21/security-vs-usability/#comment-249 Simon Willison Wed, 21 Jan 2004 19:29:00 +0000 http://log.reflectivesurface.com/2004/01/21/security-vs-usability/#comment-249 I actually see this feature as a security problem rather than a usability problem, as it introduces the ability for malicious parties to "deny service" to other users provided they know their user name. Enter the username and an incorrect password a few dozen times and you've locked your victim out of the system. I actually see this feature as a security problem rather than a usability problem, as it introduces the ability for malicious parties to “deny service” to other users provided they know their user name. Enter the username and an incorrect password a few dozen times and you’ve locked your victim out of the system.

]]>