There's no way around it. Implementing information security means tradeoffs, and that is something few people are willing to understand or accept. But it's true. If you want additional security you have to give something up, usually convenience. That's just how it works. It's a concept we need to accept psychologically, and also something we need to think about rationally.
Bruce Schneier has written about how security requires tradeoffs:
Security is a trade-off...[this] is a notion critical to understanding the psychology of security. There's no such thing as absolute security, and any gain in security always involves some sort of trade-off
Schneier goes on to mention other things that security costs us, i.e. what we have to trade, on occasion, for security:
I want to make very clear that this doesn't mean we have to trade everything to try to obtain some sort of absolute security. Rather, what we need to do is make conscious decisions about which tradeoffs we are going to make, based on what we think, after careful consideration, the real risks are. In fact, there are often times when we should not make the tradeoff at all, especially when it would mean overreacting to an unlikely risk.
There are many big examples I could use (such as riding a bike to work versus driving in a car) but I think what I'd like to talk about is two-factor authentication, perhaps better phrased as "two-step verification."
The article "How I Lost My $50,000 Twitter Username" is still one of the more fascinating articles I've read on real-life online security.
The author writes:
I had a rare Twitter username, @N. Yep, just one letter. I’ve been offered as much as $50,000 for it. People have tried to steal it. Password reset instructions are a regular sight in my email inbox. As of today, I no longer control @N. I was extorted into giving it up.
Basically, what happened in this situation was that GoDaddy allowed the attacker to take over @N's registrar account, and therefore the domain and the email for that domain. @N had used an address on that custom domain to register his Twitter account. Because almost every online service, Twitter included, offers a password reset via email, the attacker could request a password reset for the Twitter account, receive the reset message in a mailbox he now controlled, and set the password to one only he knew. The weak link wasn't Twitter's password at all; it was the registrar two steps up the chain.
In the comments on that article there are a lot of suggestions as to what could have been done to reduce the likelihood of this attack succeeding. One commenter called it a "chain hack", a name I rather like.
[email protected], to allow use of multiple Twitter accounts from one Gmail account, or to keep better track of emails.
So I got a little out of hand there. Social networking account security, or really any account security, is complicated and quite interesting.
But the point I wanted to make was that there are tradeoffs when increasing security, and I specifically wanted to look at what the tradeoffs are for using two-step verification with Google Authenticator on your smartphone.
What people think the tradeoffs are:
What the real tradeoffs are:
That's really about it: occasionally log in using your password plus a number generated by the Google Authenticator application, and find somewhere safe to keep a printout of your backup codes.
I think that, in this particular example, the tradeoffs are worth the increased security. What's more, the perceived tradeoffs are quite different from the real ones.
Security is a difficult and complicated thing, not only technically but psychologically as well.
In the end, I think it's important to do three things:
Finally, sorry, I can't help but include this quote:
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin