I’m staring at wire copy-– a news alert that eBay is asking customers to change their password after a data breach. Add it to the pile.
In the last month or so, I’ve had the same notices from my banks and my email providers. I finally took them seriously and changed some passwords. Now my fear of having a password memory crash has finally come true.
I have at least 30 accounts that require passwords, which puts me right in there with most people. Consumer research by Deloitte Canada found that the average person has 26 accounts – but uses only six different passwords. Well, of course we do! I can barely remember to feed the cat… and he meows at me incessantly.
So we stick to what we know when it comes to passwords. I laughed when I read this quote from Duncan Stewart, Deloitte’s Director of Research, Technology, Media & Communications: “We’re really bad at being random. We put the capital letter at the beginning of the word, we put the numbers at the end of the word and we put them in sequence, we base them on common words and we don’t use the full set of symbols.”
Hackers know how to exploit our lack of creativity-- and that’s why companies are asking us to create ever more complex passwords. Let’s see… at least eight characters, uppercase, lowercase, numbers & symbols… all included in one string that we’re supposed to be able to recall at will.
No wonder a Harris Interactive poll found that 38 percent of us would rather clean toilets than create another username or password.
Thus, my reason for waiting so long to change any of mine-– and now that I have, I’m having trouble remembering which ones I changed and what catchy little combination I came up with. Logging in has become a maddening experience… I mentally flip through the short-term files in my brain, hoping the right username & new password will pop up in my memory. When that doesn’t work, I search my notebooks (you know you have them too) for the clues. Finally, I resort to having a password reset code sent to my email, and I have to create a new password all over again. Aargh.
Ten years ago, I talked to cyber security experts who said that biometrics, like fingerprint scanners, would be an easy way avoid all this password frustration – and thwart the hackers too. A decade is a very long time in the tech world. I can’t understand why a different system hasn’t become standard yet. In the meantime, I avoid any sites I can that require me to create new usernames and passwords. E-commerce is going to have to find a better way.
WTTG FOX 5 & myfoxdc 5151 Wisconsin Ave. NW Washington, DC 20016 Main Number: (202) 244-5151 Newsroom: (202) 895-3000 firstname.lastname@example.org