Security smell

In the same way that programmers talk about code smell, we know when we're doing things that may compromise the security of our data. We may not know how, but we have an intuition that we're doing something wrong. It has a security smell.

For example, when people share login credentials for an account that has access to sensitive information, they know that the contortions they have to go through to enable two factor authentication feel odd. But if it saves money, they're comfortable relying on workarounds like setting up a Google voice account to forward SMS messages as emails to a mailing list.

While login procedures often feel cumbersome, they exist to protect us. So, the next time you find yourself doing something that feels unnatural, pause and ask yourself whether the tradeoff you're making is worth the risk.