The Psychology Behind User Resistance to Stronger Authentication

The Psychology Behind User Resistance to Stronger Authentication(guptadeepak.com)

2 points by guptadeepak 216 days ago | 3 comments

guptadeepak 216 days ago |

This piece explores why users perceive secure authentication as friction rather than protection. Three key insights stood out: 1. loss aversion drives users to avoid perceived effort 2. mental models of “security” lag behind actual threat models 3. familiarity bias favors weak but habitual patterns

Empirically, usability testing shows rejection rates rise sharply when authentication adds more than two new steps.

I’d love to hear from others—what design trade-offs have you found most effective in aligning user convenience with real security gains?

salawat 216 days ago | |

There is a certain point where the infrastructure of access control eclipses the problem space of the thing to be done. No one wants to have to learn LDAP++applied cryptography to set up their jig to do their thing.

Now, access control may very well be the jig that makes accountancy and modern business tractable, but it is still nevertheless, a massive problem surface orthogonal to most tasks.

PaulHoule 216 days ago | |

I believe

   !usable -> !secure