Articles like this are a recurring indication that we are in trouble, security-wise, in the world of computing. Not to mention the growing skepticism about the effectiveness of security software. I recommend a good understanding on the part of every user of a computer of what an effective password policy is for you, and stick to it. But it’s not easy. Beyond that, remember that you are the most likely vector for what infects your computer, so be careful what you click on.
Please do not change your password
“Now, a study has concluded…that instructions intended to spare us from costly computer attacks often exact a much steeper price in the form of user effort and time expended.”
Are users right in rejecting security advice?
“We argue that users’ rejection of the security advice they receive is entirely rational from an economic perspective. The advice offers to shield them from the direct costs of attacks, but burdens them with far greater indirect costs in the form of effort. Looking at various examples of security advice we find that the advice is complex and growing, but the benefit is largely speculative or moot.”
