A very common attitude towards computer security is that if a person isn't using the computer to do ``secret'' work, there's no point in expending effort to make thing secure.
This is a huge mistake, which can result in all sorts of unexpected disasters. Here's a short list of some of the things that you can personally be held responsible for if somebody breaks into your account:
Most computer breakins where the intruder gains ``root access'' to a computer begin when the intruder breaks into a regular user's account. Once on the machine as a regular user, the intruder can then launch an attack to gain root access on a machine. This is why it's so important to the common good that you protect your account.
Depending on the sophistication of the intruder, under some circumstances a ``root compromise'' on one of our machines could result in the following:
The UR has suffered breakins which have resulted in ten or more days of downtime for an entire department. We are familiar with a case in which an entire university removed itself from the Internet for several days.
It's important to recognize that we're an interdependent community. We all depend on each other to insure our mutual security.
There is always a tension between security and convenience. Our goal is to find the best balance between those two conflicting desires.