THE PSYCHOLOGY OF SECURITY
Why do good users make bad decisions?
BY RYAN WEST

“... [the system] must be easy to use and must neither require stress of mind nor the knowledge of a long series of rules...”
AUGUSTE KERCKHOFFS ON THE DESIGN OF CRYPTOGRAPHIC SYSTEMS (La cryptographie militaire, 1883)

The importance of the user in the success of security mechanisms has been recognized since Auguste Kerckhoffs published his treatise on military cryptography, La cryptographie militaire, over a century ago. In the last decade, there has been a tremendous increase in awareness and research in user interaction with security mechanisms.

Risk and uncertainty are extremely difficult concepts for people to evaluate. For designers of security systems, it is important to understand how users evaluate and make decisions regarding security. The most elegant and intuitively designed interface does not improve security if users ignore warnings, choose poor settings, or unintentionally subvert corporate policies. The user problem in security systems is not just about user interfaces or system
