A project's threat model is critical for securing users, but traditional threat models have little utility for usable privacy software. A threat model lives in an idealized world in which a user knows how to properly use a system, but users inevitably stumble into compromising themselves due to negligence or apathy. Examples abound of people making short, predictable passwords, accidentally installing malware, or signing a PGP key improperly. Without adapting the threat model to a specific user's skills, knowledge, and use case, a threat model is an unrealistic world in which to develop. A solution to this "user threat," is provided by the development technique called "Personas."