The Cognitive Dissonance of Online SecurityPosted by Pete Mar.13, 2014 in Passwords & Security
Ever wonder about cognitive dissonance? You know, that confused moment as a child when you came across mommy kissing Santa Claus. (You had about a split second to decide whether to cry, or to tell on mom, or see if you could use the info to your advantage to wangle more loot from old St. Nick.)
A more formal definition of dissonance is – the lack of agreement, consistency, or harmony between ideas or concepts that battle inside our heads.
And that’s the problem. We worry about the upcoming epidemic of spontaneously exploding heads that will be the natural result of the cognitive dissonance too many people have in their minds about passwords and security.
Even with all that’s written about online security, for most folks there’s a huge disconnect between security (and common sense) in the physical world and the virtual world of the Internet. These folks will put extra locks on their doors and windows, install alarms and wrestle with The Club in their cars, use Kryptonite and carry 50 lb. bike chains for locking up their bicycles, all the while ignoring even basic precautions for protecting themselves when online.
To these folks, security is like a game of peek-a-boo. If they can see the bad guy, then he’s real; but under cover of the cloud, bad guys don’t exist. Of course, the images of rough guys stealing and breaking real stuff and hurting real people on cop shows and TV news constantly reinforce the image of bad guys we all carry around in our minds. People are afraid of meeting one of these characters in real life, and so they take physical precautions to protect themselves.
But in the world of the Internet, everything is ‘virtual,’ which, for most folks, is pretty much the same thing as saying it doesn’t exist. Sure, we all have email accounts and probably at least one online banking account, but any perception of physical pain or discomfort is far removed from our mental constructs of burglaries. With no possibility of a physical confrontation, most folks let their guard down.
[A convincing argument can be made that the almost universal use of anti-virus programs today is due to the personal pain in the butt that people experienced when malware messed up their computers (i.e. the bodily discomfort of waiting, waiting, waiting for infected computers that were slowed to a crawl, popups that refused to be clicked away, accounts and websites that were blocked, computers restarting on their own, etc.), and not because of some realization of the security risk of viruses to themselves and their friends.]
These folks may have multiple locks on their doors, but they’ll use the same password (ex. 123456) for their email, YouTube, online banking accounts and other accounts. They’ll happily click on every popup that appears on their screen, send their bank account to ‘FBi director mueller’, use silly passwords and generally be reckless with online access to their accounts, but they won’t open the front door when a delivery man comes knocking in the middle of the day. (We’re not suggesting that you should open your door to strangers.)
Let’s make 2014 the year we do away with exploding heads. Spread the word about security online: be aware of current threats, use common sense in the virtual online world just like you do in the real world, get appropriate security products to protect yourself and start using strong passwords. There’s no telling how many friends and neighbors you’ll be helping – not to mention all the time you’ll save yourself in messy cleanups.