The guys behind 1Password1 on how too much security can end up undermining it.
The best real world example I can think of is the practice that IT guys have of requiring large, complex passwords from their users. It needs to have a number, a lower case character, an uppercase letter. I’ve seen websites that restrict the length, so if a phrase unique to you (which is great for a password) doesn’t fit between 8-12 characters you can’t use it. So users end up writing the password down on a post-it note and putting it in their desk.
It’s way easier to go through somebody’s desk than it is to hack their computer.
Man I should try using that sometime. I get scared away because I keep thinking I already have the OSX keychain, why should I add this other layer. ↩