Comment by torginus
19 hours ago
Yeah, security people (computer or otherwise) are mostly crypto fascists with hardons for humiliating people and telling them what to do.
It's been proven from time to time that the strength of a security system is mostly determined by its strongest element, and defense in depth and making people jump through hoops contribute comparatively little.
That's why you can go reasonably anywhere on the web, and have your computer publicly reachable from any point in the world, yet be reasonably safe, provided you don't do anything particularly dumb, like installing something from an unsafe source.
That's why these weird security mitigation strategies like password rotation every two weeks with super complex passwords, and scary click-through screens about how you'll go straight to jail if you misuse the company computer are laughable.