I work in a cubicle and it’s fairly common to overhear phone conversations. When I first started working there, I would always hear my co-workers begging IT Services for help: “Can you reset my password?” “Seriously people”, I thought, “how hard is it to remember variations on your birth date?”
Well, it turned out that it is harder than it seems because at work, like at home, passwords rule our lives.
At work, I need an ID and a password to log into my computer, another one to check my voicemail, a third one to log into the employee portal, and a bunch of separate passwords to book a meeting room, to unlock my phone and to check the voicemail on my cell. Gone are the days when you could create one master password and use it everywhere: all of our passwords must be different. They also have to be at least 10-character long, have uppercase and lowercase, numbers and special characters such as “+” or “%”. Damn. I guess some variation on the name of my first crush is not going to work.
And not only you have to come up with these super strong passwords, but passwords expire every three months. And the new password must be drastically different from the old one, otherwise the system doesn’t accept it.
This is why we spend an insane amount of time either trying to get a password reset either banging on the keyboard with frustration.
I could memorize my IDs and passwords at work if I didn’t have an impressive numbers of passwords at home too. I have a PIN code for my debit card, another for my credit card, and two different passwords for online banking. Now, when I pay bills online, I also have to input my “personal verification code”, which is just another fancy name for a password. Last time I called my cell’s customer service line, I was asked to enter my “personal identification number”. “Which one is that”, I asked the customer representative. “Is it my four-digit PIN?” “Of course not! This is the number you set up the first time you call customer service”. “But I’ve never called customer service before”, I pleaded”. “Then I will leave a message on your voicemail with your new personal identification number. Wait, you DO have your personal code for your voicemail, right?”
I’m suffering from password overload. I know passwords are supposed to help me—after all, they protect my privacy and personal information. And there are solutions. At home, I have passwords for all the websites I regularly visit, as well as for my blog and my email—but thanks to a smart Firefox plugin, I save them on my personal laptop that no one else uses. I guess it’s not great security-wise but it beats writing down all of my passwords, something a lot of people do.
Indeed, this passwords overload is extremely confusing to the average user. Passwords expire on different schedules, and various computer systems have different requirements for the rendering and length of the passwords. Passwords are sometimes randomly assigned—good luck memorizing something like “765A&?%$b”!
And in addition to passwords, you sometimes have to decipher captcha and answer a previously set up security question. When I was abroad, Yahoo! insisted on making me type the security code displayed each time I logged into my emails. My bank required me to set up three security questions with unique answers and randomly prompt them to me when I check my account online. This is annoying. I feel like yelling “don’t you recognize me? This is me, hello!”
This irony of all these security measures is that the average human is not programmed to remember a gazillion of obscure passwords and IDs, and that sooner or later, we all tend to write them down. Besides, ideally, the best passwords (a random mix of upper — lowercase, numbers and special characters) are hard to remember. If given the choice, most people choose to use some bits of personal information—birth date, address, nickname—that are, in theory, easy to find out.
Don’t get me wrong, I’m all for technology and security. I’m just scared one day I’ll be locked out of my life, that’s all.