Many people judge security by the simple view of the lock symbol in the browser. They think to be secure by a sign, a sign that is unclear for 99 percent of the users.

Strong password, “the lock” and feel

Let’s create a nice example of an ordering system, where you login, order and pay. The connecting with the web server is secured by the lock-symbol (ssl), you are using a strong password and it just feels good (very important). The order comes in at the company side, forwarded to the 15 people working at the order desk:

—-

To: neworderyeay@hotmail.com

From: anotherinternetuser@iamtrying.com

Subject: new order from #anotherinternetuser

Hello back office,

A new order arrived with no 123, from anotherinternetuser using password V&rySecure@123

1x viagra

Address: Secretstreet 123, 12345 AB, London

—

After a week you receive your order, in a beautiful blue box with “internet sex shop” on top and it’s ready to be picked up at the neighbor since you where unable to open the door when the mailman arrived.