Security software is usable when it provides reasonable security without getting in the way of doing work. Ideally it should be noticed only when there is an attack detected. Some security software is also noticed when it asks about privacy preferences or identity selection; that can be reasonable. All too often though, security software is noticed when it causes pain. It gets in the way, presenting many dialogues to approve some connection through a firewall or asking for a password every few moments. Even worse, some security software really gets in the way and prevents people from doing the work they are authorized to do.

This blog is dedicated to exploring painless security and how to let security software fade into the background and do its job. It focuses on Kerberos and related technologies.

The primary contributor is Sam Hartman. currently, Sam is an independent consultant. In the recent past, Sam worked as the Chief Technologist at the MIT Kerberos Consortium and served as a security Area Director at the IETF.