Most people designing security have so little understanding of how people behave that things don't get better. I hope eye-opening will help.
I can give you example after example like this. Some of the problems are really hard. (Account recovery vs security; key transparency).
Some are really because of lack of attention. A HUGE part is because of business model of surveillance. So it goes.
Facebook constantly nags for phone number for SMS "reset password" from people who have U2F set up. IT WOULD MAKE THE ACCOUNT LESS SECURE.