Hey everyone 👋

Recently, I hit a weird wall on Substack last week - couldn’t message anyone unless I verified my phone. The problem? My region isn’t even supported, no matter what I tried - errors & dead ends.

I got through it eventually, but it exposed something bigger - a pattern I see everywhere. We keep trading ease for security and vice versa, like there’s no middle ground.

And that’s exactly what we’re talking about today - why the systems meant to protect us often end up locking us out instead.

That being said, let’s get into it.

Every app makes a choice:
Do we lock things down, or make them easy?

Security today means layers - logins, verification, restrictions. It’s necessary, but it feels like work. Convenience, on the other hand, means flow. It’s what keeps users hooked and loyal.

Humans hate friction.

That’s why the most popular platforms aren’t always the safest - they’re the smoothest. If you look closely, you’ll see that - Apps that prioritize convenience often beat out apps that prioritize protection….and that’s where the real conflict begins.

In this piece, my goal is to cover the following:

• Why security and ease of use clash.

• Why do people walk away from secure platforms.

• Why convenient apps keep dominating.

• Whether both can actually co-exist and much more.

Security = Friction

I just said security is friction. But why is that?

Think about 2FA. You’re trying to log in quickly, but first you get a code to your email. Then another code to your SMS. Suddenly you realize Gmail isn’t even logged in on your phone. And the passwords are stored on your PC.

Even as someone who’s a big security advocate, I’ve had moments of pure frustration with this. So imagine how an average user feels.

Good security is supposed to feel restrictive.
But humans hate restrictions.

Humans by nature avoid friction. You’ll scroll Instagram because the phone is right there, but won’t get up to do something harder. That same law applies here: people lean more towards a smoother experience - not the safest one.

Convenience = Risk

Convenience equals risk. And here’s why:

Convenience feels amazing in the moment - like short-term gratification. Tap, swipe, log in instantly. Feels effortless. But on the other side? Consequences.

Secure platforms? They feel like punishment at first. Multi-step logins, strict & constant checks. But that pain pays off: it actually protects you.

Honestly, the equation is pretty straightforward:

Convenience means shortcuts.
Shortcuts mean vulnerabilities.
Vulnerabilities mean risk.

And the riskiest parts are always the same: logins, money, and private conversations.

The Psychology Factor

We’ve seen how security feels like friction and convenience feels like risk. But the bigger question is: why do people still pick the risky path even when they know better?

That’s where psychology kicks in. Let’s talk about the key-factors that drive humans to take such decisions, even if it comes at the cost of safety.

The App Store Illusion

“If it’s on the Play Store, it must be legit”

People assume the Play Store or App Store is a fortress, but it’s not. Harmful apps slip through all the time. Sideloading makes it even worse - anyone can publish an app that looks harmless but hides spyware inside.

Hackers know this game well. They design apps to feel smooth and so convenient that you don’t think twice before handing over personal info. That’s how spyware gets its claws in.

You might even have some spyware on your phone right now. I broke this down in detail in my post - how to spot spyware, what it actually does, and how to remove it. Check it out if you want the full details: Your Android Phones May Have Spyware

No Patience, No Security

The truth is - Most people today can’t sit through a 30-second ad without losing patience….if something takes more than a few clicks, people bail. That’s exactly what happens with overly strict security checks.

And honestly, it’s not always about short attention spans. Sometimes, you’re just in a hurry. You need to log in fast, but the system keeps throwing walls in your way.

In that moment of frustration, users start to snap and decide to ditch the app with “too much friction” and run to the one that feels smooth - even if it’s riskier.

The “Not Me” Illusion

“It won’t happen to me” - this is the overconfidence bias in action. People undervalue their risk, believing hacks and breaches only target “others.”

• Researchers found that 86% of employees feel confident they can spot phishing attacks, even when data shows many still fall for them.

• In another survey, 62% of people said they believe their passwords are secure, yet many admit to sharing them or reusing them across sites.

I know this doesn’t directly tie to convenience, but the main point is - people truly believe they’re invincible, and that mindset harms them across every corner of their digital life.

And hey, I’m not the only one saying this. My friend

When Security Backfires

There have been multiple incidents where apps with strong security ended up driving users away - not because people didn’t want protection, but because that protection came with too much friction.

That’s the sad reality - If using a platform feels like a chore, users often ditch them, even if they’re the safest option. Here are some case studies that back this up:

Case Study: Crypto Apps on macOS

When Apple tightened security on macOS, it made installing certain apps - like crypto wallets, far more complicated. This is proof that security can sometimes go
too far.

A survey showed that 34% of Mac users abandoned crypto apps because the installation process was just too messy. The apps were secure, yes, but also a headache to even get running.

Case Study: Multi-Factor Authentication (MFA)

Security only works if people actually use it. But with tools like MFA, that’s often not the case.

Reports show that about 60% of users abandon MFA if it isn’t smooth and simple. Other studies confirm the same: many people find 2FA codes, password resets, and complex login rules so annoying that they’d rather skip security altogether.

When Convenience Turns Dangerous

There have been countless incidents where apps made logins and security too simple in the name of “Better User Experience” But that convenience came at a cost - major breaches.

These following case studies highlight how choosing convenience over security led to real-world breaches.

Case Study: McDonald’s Blunder

McDonald’s new AI hiring chatbot became a hacker’s dream. Developers had left behind a “test account” - something they create temporarily to check if systems work. Normally these accounts get deleted, but this time was different.

The account’s password was “123456” On top of that, there wasn’t any multi-factor authentication on it.

The result? Not that great - 64 million applicants had their personal data exposed. This is literal proof that - Even a billion-dollar brand like McDonald isn’t immune against convenience & weak security.

Case Study: The Uber Breach

Uber’s 2022 breach is a case study in how simple can be dangerous.

Hackers didn’t break in using some advanced technique - they tricked their way in.

They sent a fake IT message to an employee’s phone (a classic phishing move: pretending to be someone you trust). The worker unknowingly approved a login request, and that one click allowed hackers to advance further.

The problem? Uber had MFA, but it was overly simplified, and that weakness turned into a massive entry point.

The Harsh Reality: Security Vs Convenience

Think of security & convenience as a seesaw.

On one side, you got - security.
On the other side, you got - convenience.

Push down too hard on either side, and the balance tips dangerously.

The stricter the security, the more walls you face just to use the app. Alternatively, the smoother the convenience, the more cracks those walls start to show.

In the end, it’s a tradeoff. You either choose safety and deal with friction, or choose convenience and accept the risks that ride along with it.

But Can Both Co-Exist?

So far, it feels like you either choose convenience or security - but is there a middle ground?

The answer is “sometimes” Biometric logins give you strong protection with zero typing. Fraud detection runs silently in the background, responsible for catching bad behavior without slowing you down.

And then there’s progressive security: if you log in from your usual device, it stays simple. But if you try from a new location, a new device or in general you seem suspicious to the system - you’ll face extra checks.

That’s the bright side. The dark side? None of this is bulletproof.

FaceID won’t recognize you in some cases.
Background systems flag good users as threats.
And sometimes adaptive systems end up annoying legit users.

Co-existence isn’t a fantasy.
But it’s not seamless either.

The Road Ahead: AI, Breaches, and Laws

So, where are we headed? I’m no Doctor Strange, and I can’t see all possible futures, but from what I know, here’s my 2 cents:

AI-driven background checks are bleeding into everything. Apps will quietly watch how you type, swipe, or move, and use that as authentication. In theory, it gives you strong security without the friction. In practice, AI makes mistakes, and hackers love taking advantage of those mistakes.

If you truly focus, you will start realizing that:

Users run to convenient apps → Breaches follow → Companies lock things down again → Loop repeats.

Honestly, I think Security vs Convenience isn’t ending anytime soon, it’s the game that never stops.

And then there’s regulation, the truth is:

• The companies itself aren’t always pulling the strings - The Politicians are.

• They push laws that force apps to add friction whether you like it or not.

• This is one of the major reasons why different apps force constant OTPs and FaceID checks.

In short, do keep in mind that - The future isn’t just tech-driven, it’s law-driven too.

Your Final Reminder

If you’re still here, congrats. That’s your candy 🍬. It’s bitter though - because the truth usually is.

You now know the game:

• No app can give you both flawless convenience and airtight security.

• Companies chase users first, security second, until a breach forces their hand.

• Most people will always trade security for ease, right up until they’re the victim.

So next time you curse at a login code or a lockout screen, pause. Realize that - it’s not the enemy, it’s the only shield you’ve got & it’s there to protect you. In the heat of the moment, it might feel “right” running toward the smoothest app but… it could mean running straight into a trap.

Your Turn

I have played my part, now it’s your turn:

• If you had to choose today, would you take convenience at the cost of risk, or security at the cost of friction?

• And if you had to design the perfect app, would you lean more toward ease-of-use or solid protection?

Let me know below. I love seeing your comments and learning how you think about these things.

If you want more content like this, hit subscribe and restack. I’m on a mission to help people see through the noise, and make them understand what’s going on behind the curtain.

But for this to reach more people, I need your support. Subscribes and restacks aren’t just numbers - they’re what keep this mission alive and spreading.

And hey, if you want to talk 1-on-1, don’t hesitate to DM me.
I’m always up for a good conversation.

Dive Deeper

• How AI Is Transforming Multi-Factor Authentication Security?

• Security Versus Usability: A New Approach

• Striking the Right Balance: Navigating the Security vs Usability Dilemma

• https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/