Proposed Change:
It would be helpful to identify the implications of implementing countermeasures when they potentially conflict with other security goals. For example, requiring a 15-character complex password counters many attacks on passwords. However, that hurts usability of the password for end users.
Justification:
Help readers make more informed decisions regarding the proposed countermeasures to adopt.
General Comment
Threat ID: None.
Type of Comment:
Proposed Change: It would be helpful to identify the implications of implementing countermeasures when they potentially conflict with other security goals. For example, requiring a 15-character complex password counters many attacks on passwords. However, that hurts usability of the password for end users.
Justification: Help readers make more informed decisions regarding the proposed countermeasures to adopt.