There is no question of how important security and data protection is. The point of my discovery is that even in the most secured application with many layers of protection, there is always a point when a user interacts with the app. And if security-focused requirements affect User Experience in a negative way, making it confusing, unintuitive, or annoying – then users will try to simplify their tasks to avoid the complexity and confusion and will act in the way that will make the security of their data, and the security of the application itself weaker.