Passwords, Passwords, Passwords

Darrell, Staff Writer

As part of my job, I often help out with office tasks for my company. Every time I do, I have to type in a slew of passwords for the different systems we use. To log into the computer, I have a work password that I have to reset every couple months (“I guess I’ll end it with a 5 instead of a 4 now...”). On top of that, I have memorized passwords for three different company-related email accounts, as well as separate systems that scan tests, send mass emails to students, access students’ information, enter that information in the first place, log course attendance, fill out my pay sheet, charge expenses to the company, send packages via FedEx, and access online classrooms. Every single item I just listed has a different username/password combination. I would complain about the efficiency of a company that doesn’t consolidate all those tasks, but I’m guessing you’ve worked at similar places.

At home, I get no relief. I have different usernames and passwords for my personal email, bank account, cable company, electric company, water company, cell-phone provider, Twitter, Facebook, and the various other games and services I use on the web. People wonder whether we’re getting dumber because we no longer have to memorize phone numbers. Ha.

Memorizing all those passwords isn’t so bad, really. For most of the frivolous stuff, I do what a lot of people do: I reuse the same three passwords. I have one for games, one for message boards, and variations on a string of unrelated characters for the ones that involve my financial information. Even that doesn’t simplify things perfectly, though, because every site has different rules about usernames and passwords. I can’t tell you how many times I’ve tried to log into a site I haven’t visited in awhile and wondered, Okay, which of my three regular usernames is being used here? Or did they provide the username and that’s why I can’t remember it? Or do they want my email address? Which email address did I give them? Did I consider this site game-related or thought-related? Or is this one of those game-related sites that curiously requires at least two non-consecutive “special characters” even though it has never asked for any personal information?

Usually, that frustration leads to one of two options: give up and say, “I guess I’m not visiting that site ever again” or click the “forgot password” button. The latter option only makes things worse, though, because it usually gives you a new, random-string-of-characters password I’ll never remember. So copy, paste, log in every time. Sometimes, it immediately makes me reset the password to something I haven’t used before -- and the system remembers all my prior passwords a whole lot better than I do. Copy, paste, lather, repeat. To sum up this overlong rant, passwords are a mess.

So what’s the solution? The ever-multiplying tentacles of Facebook are trying to be the solution by allowing sites to use a “Connect with Facebook” button. That might be convenient, but I hate that so many services turn the meaning of that button into “post high scores on your Wall so all your Facebook friends know you just played a stupid game”. I can’t tell you how many apps and games I’ve uninstalled for that reason.

In a previous post, Sean mentioned distributed identity systems like OpenID, which does more-or-less the same thing as that Facebook button, but is less popular and forces you to create yet another username and password. That sounds less convenient, unless every site embraces it. I don’t see it taking off, then, unless everyone simultaneously abandons Facebook.

Thus, I think I stumbled onto the real solution to our password woes: wait for the moment when the world finally, completely distrusts Facebook. Maybe they’ll publish all our most embarrassing photos on a 24-hour cable channel, running on a continuous slideshow. Maybe they’ll inform all our corporate employers exactly how much time we spend playing Farmville during working hours. Whatever it is, something will make the public turn against Facebook, allowing an entity like OpenID to swoop in and universalize all our passwords. Until, you know, someone exploits that entity and steals all our identities, turning us into penniless clones.

Perhaps that’s the (extremely unlikely) price of convenience. If it happens, at least it’ll be interesting.


blog comments powered by Disqus