At a high level, the pattern here is a failure to explore the way the typical user is going to interact with your security features. It's a pattern most people fall into, but can be difficult to spot explicitly. We generally look to see if projects have an explicit usability engineering effort, and whether that effort encompasses security. If not, there might be ways for users to shoot themselves in the foot. This sin certainly isn't as cut and dry as many of the other sins; it's not the case that, if you see the pattern, there are definite problems waiting in the lurch to be found.