Here’s a secret: people don’t care about security.
They really don’t.
Telecompetitor quoted an interesting Junpier report, noting that people lack trust in services, devices and apps while at the same time use them.
I’d say that people don’t even deal or think about trust most of their time. Sure – put a question in front of a user about trust and security and you’ll get the answer that they care about trust. Who wouldn’t confronted with this question?
But at the end of the day – we don’t care.
We use a large and growing number of apps on our phones. Most of us relinquish the privileges requested by these apps without even checking what they are: children games that can use our phones to dial out, go to the internet for ads. Applications that devour our address book.
We don’t really care. And I don’t think users should care.
Who should care? Developers and product managers. People who are building apps and services. They should care.
This is why resources such as Troy Hunt’s blog are such great resources for developers and product managers. It shows how bad security is on the web today and what should be done about it. his recent post on website password reset mechanism was something I needed 3 years ago… nothing there is rocket science, but it does save the need of reinventing the wheel.
Next time you plan an app or a service – please take care of security. Users won’t care, but you should.