Lily Hay Newman wrote a compelling article for Slate.com this week in which she argued that, like the food we eat and the products we buy, software should come with disclosures where our personal data is being put at risk. It seems that we're now hearing about our data being hacked on a constant basis, and there is good reason to worry that many people are tuning out the risk because the sheer volume of attacks makes it seem like there is nothing we can do.
Regulation, and shared standards are one obvious approach to an issue that is so large it can target entire industries while simultaneously effecting well known individual entities. Regulation would presumably standardize levels of risk and more importantly, communicate those risks broadly so that users could have a collective understanding that would have context, but Newman notes: "In the absence of a reliable disclosures, the burden of personal online security largely falls to users. The simpler and more straightforward the demands on them are, the more likely they are to comply. And one of the most important areas to address is passwords." Passwords are used so widely, while being so widely known to be flawed, that they do a good job illustrating the pressing need for change. As she closes her article, Newman argues that dual factor authentication addresses some of the most widespread and exposed risks, while noting that new technologies (such as biometrics) are enabling stronger authentication without complex requirements for end users.