Common Weakness Enumeration
CWE-655
Allowed-with-ReviewInsufficient Psychological Acceptability
Abstraction: Class · Status: Draft
The product has a protection mechanism that is too difficult or inconvenient to use, encouraging non-malicious users to disable or bypass the mechanism, whether by accident or on purpose.
0 vulnerabilities reference this CWE, most recent first.
No vulnerabilities reference this CWE.
Mitigation
Testing
Where possible, perform human factors and usability studies to identify where your product's security mechanisms are difficult to use, and why.
Mitigation
Architecture and Design
Make the security mechanism as seamless as possible, while also providing the user with sufficient details when a security decision produces unexpected results.
No CAPEC attack patterns related to this CWE.