In the late 90’s, it was largely considered users were unmotivated and lazy when it came to cyber security. This UCL research suggested, actually, users compromised security systems through lack of security knowledge and non-user centric security mechanisms. Researchers concluded users needed greater cyber security education and security mechanisms needed to be more user-centric in order to decrease the risks introduced by people.