Tuesday, September 7, 2010

passwords and other memory teasers

I have finally found a password to use on this and other pages that seems to satisfy the rules about complexity and is also one I can remember.  The trick for me is that I want to use the same one for the hundred or so other internet sites I use that require a password. Is that allowed? Doesn't that make it easier for a hacker to figure it out somewhere? And what about the suggestion that passwords should be changed occasionally to protect from that? For example, what if someone were to unravel my silly code?  They would then have access to everything - my private familysearch account with my children's and grand-children's birthdays and birth-places. Surely you don't want the whole world having access to the private records of living people.  Maybe you don't even want one hostile stranger to have that access.  And then there are my bank accounts.  And the risk of identity theft. 

So okay,  suppose I agree it is good to change passwords on really important accounts occasionally, but how to remember then what password goes where. Surely no one has the time to change the password on every account regularly and how do you remember which ones you changed and which you didn't?  And you are not supposed to use the same one over and over are you?  I know, store them on a Rolodex!  Back to the dark ages.  Just to get into the sites on the computer you want. 

This all came up because a friend mentioned to me that she tried to find this blog and it came up missing.  I then remembered that when I originally registered it, because I didn't understand what part of the URL I was supposed to fill in for the address, I ended up with a ridiculous looking address nana-www.nanasworld.blogspot.com).  So I changed it.  Then I forgot what the new address was so when I tried to access my own blog from my facebook page (which only had the old address), I found out it didn't exist.  I didn't remember my user name and password anyway, because I had been accessing it from the address for so long and didn't actually sign in. And I couldn't remember the new address because I didn't blog for so long.  Well, you can see I finally did find myself on blogger.com.  (I also found out that there is a blog with an almost identical name on Blogspot.com - mine is more interesting of course.)

However, the whole thing did revive some frustrations I have with passwords etc.  Recently I changed my PIN for my bank card.  I just suddenly got nervous about my card's security - inspiration or gut feeling or something.  And you are supposed to do that anyway.  In any case, I remember the PIN for that card just fine since I use it all the time, but who has only one bank account these days.   We use four banks actually.  Ridiculous I know, but our Mortgage line of credit is at the TD, personally banking at the ATB, our old account which proves useful sometimes at the CIBC, and we have an old PC account that we have started using recently because when we use the card we earn points for free groceries.   After I changed the PIN on my personal account, I couldn't remember if I used the old number or the new number for the PC account, and if it was an old number, which number it was.  When I tried to access it, I tried so many numbers the machine froze my card.  I knew it was the same as one of my other accounts, or what one of my other accounts used to be.  It is a mass of confusion and a gigantic bother.  The teller at CIBC told me when I got that PC card that she just uses the same PIN for all of her accounts, although you are not supposed to do that, the rationale being that if a hacker figures it out they can access all your accounts.  I guess you just better not lose your wallet in that case. 

Then there are the telephone accounts for banking, telephone and satellite accounts. Some of them use and a three number PIN and some use four numbers.  When I called PC to get them to unlock that account, the person asked me for the first and last letter of my telephone password. I thought she was nuts. It wasn't even numbers at all but a 'secret' word.  I probably established that one 10 years ago, and as if I was going to remember it.  I told her I hadn't the foggiest idea.  So she told me the first letter was a "V".  Well anyone who knows me could have gotten her to put in their own PIN for my account because once I knew the first letter, the last letter was a giveaway.  Hundreds of people who know me would have known it also. So I guess now I have to change that one too.  Not too big a sacrifice since I couldn't remember it anyway and she had to tell me what it was.  But I know it now and if I change it, well, just one more thing to remember.  Funny though, even telling her the whole word didn't work for her - I had to tell her only the first and last letter! How bizzarre is that?

The only conclusion I can draw from all of this is that in order to function in our computerized and technological society you have to be a computer yourself.  No human could keep track of all these secred passwords, codes and PINs.  You are not allowed to use easily understood and remembered passwords like birthdates of yourself or family members, or names of people you know and love, you have to make it as difficult for yourself as possible - random combinations of letters and numbers are perfect because no one can guess them, and neither can you! 

I have no solutions for this frustrating problem.  If I did, I wouldn't be frustrated would I?  If you have a solution, I wish you would share it with me.  I am certainly sick of going to a bank machine to make a deposit only to find out that the PIN I thought was the PIN for that account isn't.  Not to mention being made to feel stupid by some telephone banking person because I can't remember the secret code I only have to use once every ten years!  I NEED a solution!

Feel free to make suggestions.  Since I rarely hear anyone mention this problem that I think I must share with hundreds, maybe thousands, even millions of people, maybe there is a secret everyone else knows except me.  There's a conspiracy theory for you.

No comments:

Post a Comment