Unstealable Passwords
My computer here at work makes me change my password to login every 20 or so days, and I can never repeat an old password. It’s annoying. I’m sure the IT department would argue that it’s for security, to make sure no one can get into my computer. However, I posit that computer systems in general are overly worried about “people” finding out what your password is.
I say that because I sit next to an unassigned computer, which all of our free-lancers and interns use to check their email. Since they’re not full-time, they do not have a password to access. So I give them mine. And almost all of the time, no one can type it in — EVEN WITH ME TELLING THEM WHAT IT IS — in less than four attempts. “All uppercase? Wait, how do you spell that? Did you say ‘zero’ and THEN ‘i’?”
I don’t have crazily complicated passwords either. Once it was my last name “hines” — and someone kept typing “heinz” even when I spelled it letter-by-letter. I would say “H” and he would type “H.” Then I’d say “I” and he’d type “E.” I’d see him do that and say “You typed ‘E.’ I said ‘I.’” and he would say “oh.” Then I’d just type it in for him and he’d check his email.
They certainly can’t remember it from visit to visit. I wrote it on a post-it note and stuck it to the wall of the cubicle. They still ask me “what’s your password?” I point to the post-it note; they type it in incorrectly and ask me what it is, which I tell them for them to still type incorrectly.
I’m sure it makes sense to change your online passwords, especially to things like amazon.com where you might have credit card information stored. But in my experience passwords for things that require human beings to type them in are almost unsteal-able because human beings in general cannot remember series of letters and numbers of any length for even one second even when it being said to them as they have to remember it. Yours truly forever, Will Hines.
At my last job I used to keep all my different passwords on a piece of paper in my top desk drawer (War Games style) because I had so manny different ones that I always had to change (and they all had different rules about what I could use. How many numbers. Enforced upper case. Can’t be similar to an old one).
So by having to change so many passwords I felt I was forced to make my computer even less secure. At least from a young Matthew Broderick.
Kevin
19 Jun 07 at 2:53 pm
i love wargames
Brian
19 Jun 07 at 3:06 pm
I am forced to change my password every 90 days. The restrictions are severe. You have to use upper AND lower case letter. You must have a number and a symbol such as @#$. And like you said, you can not use a password that you have ever used in the past.
Needless to say I have had to reset my password numerous times which of course sucks because then I have to think of another ludicrous combination of letter, numbers, and symbols in order to gain access.
RyanS
20 Jun 07 at 1:50 pm
Hey. Nice point.
I tried to email you about me being in NYC tomorrow night, but you either never got it or you’re ignoring me. If you’re not ignoring me, just shoot me an email back if you’re interested in grabbing a quick dinner.
If you are ignoring me…just keep on ignoring.
-Brutal
Brutal
20 Jun 07 at 4:13 pm
20 or so days? That’s nuts.
Dan Goldstein
22 Jun 07 at 10:06 pm