Usable Security

What better way to initiate a usability blog than by picking a bone with a prominent figure like Jakob Nielsen?

In one of his Alertbox columns, Nielsen opens the discussion by outlining a “fundamental conflict” between usability and security.  He writes:

Usability advocates favor making it easy to use a system, ideally requiring no special access procedures at all, whereas security people favor making it hard to access a system, at least for unauthorized users.

That particular column is now more than four years old, but similar comparisons of the goals of usability and security have been made so often that the conflict has come to be accepted as traditional wisdom.  I’m going to argue that it’s time to set aside this assumption.

Nielsen’s juxtaposition needs some refinement.  Here’s the way I like to see it:

• Usability is about making it easier to get desirable results.
• Security is about making it harder to get undesirable results.

When you see it this way, they don’t have to be in conflict.  This perspective also reveals the reason that usability and security come into conflict: they conflict when you can’t tell the difference between desirable and undesirable results.

The reason Nielsen runs into a fundamental conflict is that he has chosen login authentication as the subject of his analysis.  In that particular subdomain, the conflict is real.  The purpose of passwords is to separate authorized users from unauthorized users.  There is no a priori knowledge of whether the person entering the password should be allowed to enter.

But there’s a lot more to security than passwords.  In fact, today’s biggest security problems—viruses, spam, phishing, spyware—have nothing to do with somebody guessing a poorly chosen password.  They have to do with errors in identification or errors in granting too much power to untrustworthy parties.

So, don’t be too quick to carry over the assumptions from authentication to other security problems.  Security requires carrying out the user’s intentions correctly, and in order to be usable, a system can’t be breaking down all the time.

Let’s avoid the characterization of “usability people” and “security people” as entrenched in opposing camps.  Much of the time, we’re all trying to achieve the same goal: to make sure the right things happen, effortlessly.  To achieve that, we need to listen to each other.

This entry was posted on Saturday, March 12, 2005 at 01:20 under Opinions. You can leave a comment here or trackback from your own site. Use the comment feed to follow comments on this entry.