One of the things I continue to be baffled by recently is regular users and their attitude towards security. There are people like us, who use things such as 1Password, Touch ID, 2-Step verification, all to make sure our content online, on our phones or computers, stay safe. We use FileVault to encrypt our harddrives, use apps that have Touch ID authentication, and never use the same password anywhere. We all have family or friends however, that don't use a passcode on their phone and just seem to not care. And when we try to encourage them to "use this awesome $35 super secure app so you don't have to memorize your passwords or have anything compromised", they shrug it off as a trouble not worthy of their time.
Security and hacking almost seems to be such a hassle, and no one cares about until they actually get their data stolen. It's interesting to view this from an outside perspective when I am one of those people that knows only a handful of my passwords by heart. Even then, those passwords are crazy generated ones from iCloud keychain and 1Password.
It's difficult to get into the minds of these people and convince them that taking a few extra minutes to set up a passcode, and a few extra seconds to enter said passcode, is a reliable and useful tool when dealing with your devices. Heck, I've seen people with an iPhone 6 that don't have Touch ID, or any passcode, enabled on the phone. And Touch ID has become so lightning quick that I don't even think about it. It's one of the selling features of the iPhone 6, featured prominently by Apple in the stores, and when you set up the darn thing, yet users just see it as a strange inconvenience.
Despite encouragement, marketing, and various other promotions by companies after events like Heartbleed, or whatever retailer is being hacked this week, it just boils down to users not wanting to take those few extra steps to lock down their information. Why make it so I have to wait for a text message from Google to login to my Gmail account when mypuppysname2012 works just fine?
Security just isn't their thing.