Computer users are exposed to technology mainly through user interfaces. Most users' perceptions are based on their experience with these interfaces. HCI (human computer interaction) is concerned with these interfaces and how they can be improved. Considerable research has been conducted and major advances have been made in the area of HCI. Information security is becoming increasingly important and more complex as business is conducted electronically. However, state-of-the-art security-related product development has ignored general aspects of HCI. The objective of this paper is to promote and enable security awareness of end-users in their interaction with computer systems. It thus aims to consolidate and integrate the two fields of information security and HCI. HCI as a research discipline is a well developed field of study, and the authors are of the opinion that the use of security technologies can be significantly enhanced by employing proven HCI concepts in the design of these technologies. In order to achieve this, various criteria for a successful HCI in a security-specific environment will be examined. Part of the Windows XP Internet Connection Firewall will be used as a case study and analysed according to these criteria, and recommendations will be made.