Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Users Are Not Stupid: Six Cyber Security Pitfalls Overturned



Julie Haney


The skilled and dedicated professionals who strive to improve cyber security may unwittingly fall victim to misconceptions and pitfalls that hold customers and users back from reaching their full potential of being active partners in security. These pitfalls often reflect the cyber security community's dependence on technology and failure to fully appreciate the human element. This article offers cyber security professionals a primer so they can recognize and overcome six human element pitfalls in cyber security. Each pitfall is supported by real-world examples or findings from human-centered cyber security research. In addition to gaining an awareness of these pitfalls, readers will learn about specific strategies for how they can improve cyber security and empower users at all levels by addressing the human element in their organizations' cyber security products, decisions, processes, and policies.
Cyber Security: A Peer-Reviewed Journal


cybersecurity, usability, usable security, human element, users


Haney, J. (2023), Users Are Not Stupid: Six Cyber Security Pitfalls Overturned, Cyber Security: A Peer-Reviewed Journal, [online], (Accessed June 13, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created March 16, 2023, Updated February 28, 2024