At my dayjob, I have to change my password every six months.
Such is the tyranny of IT.
And really, I understand. I do. I mean, sure, a part of me wonders what bereft soul out there truly wants to hack into my user accounts to obtain all sorts of deadly dry government reports. I can just imagine this villian. “Bwah ha ha ha! I refuse to capitulate to regular channels and FOIA this! I shall STEAL the information and then… and then… I shall HAVE it!”
This is why I don’t write espionage novels.
The thing is, I’ve been coming up with passwords for over twenty years now. Most of us have. When the whole computer thing, followed very quickly by the computer security thing, started ramping up, I had a system for passwords. I had a low-security password that I used for all sorts of non-financially related information, a medium-security one for more sensitive stuff and a high-security one for stuff that connected to money.
Yeah – I have nothing more important than money to protect.
Back then, I understood my tiering system. It was based on a coding only I understood. I easily remembered my passwords. Then they started telling me how my passwords should be. You know what I mean. More letters. Symbols. No leading or following numbers. And with complication the IT folks developed to foil hackers, the less likely they made it for me to remember all the contortions of my passwords. In fact, my passwords have gotten more consistent in many ways, because I don’t dare add my arcane spin on top of all of theirs.
The security questions started in.
Yeah, I know I’m supposed to know the answers to these things. After all, I put them in. Still, when I’m trying to transfer money in between conference calls and the computer asks me for the name of my first pet, I have to pause and think. What would have the past tense me have answered? The dog we had when I was born? The cat who was run over on the highway when I was four? The first cat that was really mine?
Or name of my paternal grandmother? Come on guys – like I have only one paternal grandmother?? We live in an age of multiply blended families. Did I pick my blood father’s mother or the mother of the stepfather who raised me? Besides, I always called her “Grandmother” – how did she spell her name again?
And don’t get me started on those first grade teacher ones. I had a team of six teachers (as I recall) and I can think of the names of about half of them. Favorite sports team? I don’t watch sports. Favorite song – are you kidding me?? When people ask me for my favorite song, book, movie, dessert, beetle or Beatle, I generally pick whichever feels shiniest to me at that moment. I don’t dare record that and hope to remember what past tense me thought she liked on any given day. As for my high school mascot, I can never remember if I think it’s singular or plural, the full name or the shortened version.
Recently, with the big Zappos hacking, I had to relinquish my low-security password. It was past time and I knew I had to do it. But it was my first password, nice and obscure, but I’ve been using it easily since 1988, I kid you not. I used it on sites like Zappos – the ones that insist I register as a customer, but with no consequences. I really didn’t care if someone ran amuck on Zappos masquerading as me, since I didn’t store any personal information on there. What were they going to do – screw up my shoe size preference?
Still, Zappos kindly sent me a warning saying that, if I used this password anywhere else, I should probably change it.
You people would not believe how many places I’ve used this one stinking password. I’m still finding them. It’s like cleaning out nearly twenty-five years of basement crap. And then examining each thing, cleaning it and slapping a brand new, infinitely more complicated password on it.
So, tell me I”m not alone in my rant. What’s the worst security question you’ve encountered?