Study: Internet users are worn out from remembering passwords and updating software

The continuous warnings about unsafe software and cyber crime cause ‘security fatigue’ that stops people from keeping themselves safe. They get tired of remembering numerous passwords and of the large number of software updates they have to perform.

Working much with security, this makes me want to cry… Still, I can understand it from a private citizen's point of view.
Years ago, I did a job for a Norwegian branch of a German company with a strict security policy. As it turned out, it was a virus throwing a party. Long story short, every computer disconnected, server disconnected from the net and cleanup. The interesting part of the story is that I found the password for the user on post-it notes in every office, either under the keyboard, on the back of the monitor or even in plain sight on their desk!!!
It reassured my attitude that IT security will only ever work as long as it is with and not against the users. This particular German company had lowered their security to almost zero by applying a too strict policy for humans to overcome, and this study confirms my findings.
What they should have done was to educate about password managers and complexity for master passwords, not only enforce a policy… It will simply never work.

We are only humans after all :flower:

My computer seems ok for updates and stuff. Remembering 20 or 30 passwords does kind of suck. The sheer amount of updates for the software on my phone though, that’s borderline ridiculous. Certain apps (ahem, Facebook) releasing new updates almost every week… ugh.

While it has its own personal flaws, it is relatively easy to automatically upgrade an operating system with the latest security patches. Even in Windows.

The current way of working (passwords) however is a major burden for most users, who demand easy access. I have had several clients that asked if things could improve. Sure they can, but it’ll cost you quite some money. Most of them don’t want or cannot invest.

In my experience, it isn’t too hard to enter your password into a manager like KeePass2. As for updates, the package managers on GNU/Linux systems make that super easy: with only one or two commands to update the entire system, installing individual updates for individual programs is a thing of the past. Heck, if you don’t like typing these commands manually, you can always add them to a script. By placing that script in /etc/cron.daily, you can expect the system to run that command daily.