NAC

NAC: Usability and Security for Users

Using NAC, organizations no longer have to choose between security or usability on their networks It’s easy to assume that making something more secure automatically makes it more difficult to use. After ...
Security Boulevard
Ethics and Chatbots

Ethics and Chatbots

| | AI, chatbots, Usability
I was online chatting at a web site to repair my lawn tractor. Once I finished, I said, “So you’re a chatbot. Cool.” I’m sure I was talking to a chatbot program ...
Principles of Usable Security

Principles of Usable Security

I want to talk about the age old trade off between the simplicity of a website or app, versus the level of friction, restriction and inhibition associated with applying security controls. There ...
The practical digital library updated

The practical digital library updated

A few years ago I moved my private library to the cloud. It uses Calibre to catalog my books, and the Open Publication Distribution System (OPDS) to provide an Internet-capable catalog. OPDS ...
Rey is in the Ahch-To Pit looking at a broken mirror.

Cave of Broken Mirrors: 3 Issues with AWS Cognito

Secure Ideas is currently working on a revamp and redesign of our website and client portal, to promote a better user experience for our clients. Since a lot of our infrastructure is ...
Hu: The Missing Element

Hu: The Missing Element

Below you can find a version of the talk that I just gave at the European Identity Conference and at Identiverse talking about what I consider to be the missing element in ...

Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill

Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes and suggests them in AutoFill, ...