About GET A DEMO

Backslash Vulnerability Database

Insufficient Psychological Acceptability

Insufficient Psychological Acceptability

CWE-655

Short description

The product has a protection mechanism that is too difficult or inconvenient to use, encouraging non-malicious users to disable or bypass the mechanism, whether by accident or on purpose.

Best practices to prevent this CWE

Phase: Testing

Where possible, perform human factors and usability studies to identify where your product's security mechanisms are difficult to use, and why.

Phase: Architecture and Design

Make the security mechanism as seamless as possible, while also providing the user with sufficient details when a security decision produces unexpected results.

Prioritize and Uncover Reachable Vulnerabilities in Your Application Code

Identify externally reachable data flows and vulnerabilities for effective risk mitigation

© 2023 Backslash. 28 HaArba'a St., Tel-Aviv Privacy Policy | Terms of Use