I Hate PasswordsI hate passwords with a passion.

Hardly a day goes by when I do not get a message from a website, social media site or financial site, asking me to change my password.

Usually, this is in response to a security failure from the particular website, as it probably was today when Facebook advised me that ‘Someone may have logged into your account,‘ and of course, told me to change my password.

Then, when I receive messages such as the following from my ISP, I have to wonder why we are still living with the daily curse of something as prehistoric as passwords.

Dear customer,

We have detected mass e-mailing being carried out from the address [email protected]

As problems may arise in the event of a complaint from one of the recipients, outgoing messages are currently being quarantined.

This mailing may be legitimate, but it is equally common for such activity to be caused involuntarily by:
– robots/spammers who have managed to steal the mail server password
– an error in one of the scripts installed on your website.
– a mail software vulnerability

We request that you do the following as swiftly as possible:
– run an antivirus/trojan/malware scan on all of your machines
– ensure that all of your site’s scripts are up to date
– change your passwords.

Change my passwords? What, again? Like I did, um, only two weeks ago? Damn, I hate passwords!

Technology, and in particular, the Internet, smartphones, tablets and alike have advanced so rapidly that it is almost embarrassing to look back at how things were only a couple of years ago. However, when it comes to security, nothing, and I mean absolutely nothing has changed since Windows 95!

Pass-bloody-words are painfully annoying, difficult to remember, totally inadequate and every damn place they are needed asks for them in differing formats, lengths and complexity.

Even though I hate passwords, I did a little research into what defines a strong password, and I found this very helpful list:

1. Do not use the same password for multiple important accounts.

2. Use a password that has at least 16 characters, use at least one number, one uppercase letter, one lowercase letter and one special symbol.

3. Do not use the names of your families, friends or pets in your passwords.

4. Do not use postcodes, house numbers, phone numbers, birthdates, ID card numbers, social security numbers, and so on in your passwords.

5. Do not use any dictionary word in your passwords.

Now, going by these five simple rules, all of my passwords fail the test instantly because that they are not 16 characters long. 16!! At least!!! Oh go away, I hate passwords. I can’t even remember my own telephone number, let alone a sequence of nonsense that long. On top of that, if I follow the 5 rules above, what will a good password look like without dictionary words, dates, names or memorable numbers?

Perhaps like this:

Ih8b!00dypA55wurDs!

Did I get to 16?

Such is my distaste for passwords, I dedicated a paragraph in my latest book to this matter, and introduced a new form of electronic security – licking. Yes, lick a device, and then a quick DNA scan of your saliva does the trick, with total security guaranteed. It also has the side benefit of discouraging people from borrowing your phone, iPad or laptop.

Yes, I really think saliva verification is the answer, don’t you?

Tagged on:             

2 thoughts on “I Hate Passwords

  • 07/01/2016 at 5:30 pm
    Permalink

    The forum is a brtgeihr place thanks to your posts. Thanks!

  • 26/03/2016 at 3:30 pm
    Permalink

    I enjoyed this post Derek!
    Please be careful when responding to the “change your password” emails. This is one of the top ways hackers dupe people into giving up their account access.
    The emails look like they came from the real company, the website the link takes you to looks like the real company – but it is all a dupe. Entering your current and new password in the website you have given the hackers access to your account!
    A good counter-strategy:
    Never use the link sent in the email.
    Hand type in the company website, login and then change your password.
    Don’t waste time trying to spot a fake. It is not worth your time to be wrong.
    Need help with a long random password? Random.org

Comments are closed.