An online article I scanned recently claimed ‘Password1’ is still tops when it comes to passwords being used in the business world. This is disturbing to me as an American who was raised to believe we live in the most innovative country on the planet. Meanwhile, the rise in identity theft over the past decade makes lots of sense now.
Clearly, people are ignoring the strength bar to the right of the screen when selecting a password. As you input the characters, the strength bar determines how secure your password is based on the type and number of characters used. ‘Password1’ would be categorized as weak, whereas ‘L&fbR8^6s!m’ would be considered quite strong.
The problem is remembering ‘L&fbR8^6s!m’ when you are ready to log in. It is, of course, much easier to recall ‘Password1.’ And today, anyone interacting with the world around them via the latest technology has a collection of passwords bigger than my old assemblage of baseball cards to recall.
Not only are we required to hoard passwords, we must also maintain a list of security questions — with answers, mind you — to further safeguard our personal, sacred and sensitive information and data. So, after recalling a carefully selected password, we must also remember not only the name of the first dog that died in our arms, but also exactly how we spelled the name when we quickly answered the security question at the prompt.
Upon reflecting on the password strength issue, I’ve come to the conclusion that there are three types of people in this world. There are the simple folks who are content to use ‘Password1’ or ‘email1234’ to access their life. There are technical-minded people who think ‘L&fbR8^6s!m’ could be tweaked to increase security. Lastly, there are people who, like me, fall between the two in the realm of password strength needs.
Having been reared by a computer programmer, the first thing I do with a new account is change the default password. The first step in the hacker handbook, according to my dad, is “Try the default password.” My siblings and I were raised to believe hackers were bad. We were taught to — at the very least — challenge those who had nothing better to do than hack into the lives of others. Despite my upbringing, there are a few cheats I use to make my password life less stressful.
While this is not good practice according to techies, I only have a few different passwords. I use them for the many, many e-accounts with which I interact on a regular basis. Every now and again, I’ll make up a new one and update several accounts. But, as dangerous as it may be, I do not have a different password for each and every account.
Another risky thing I do in regard to my password development technique is employ mnemonics. I like to incorporate important family dates, name combinations and other personal information. Not only does doing so help me remember passwords, it also helps me remember important dates and other personal information to which others might take offense should I forget.
That said, my nieces probably wish I’d use their birthdays in my passwords.
Another trick I use to help me remember passwords is to not allow my computer or browser to remember them for me. Using the passwords repeatedly throughout the day, every day, burns them into the instant-recall memory folder of my brain.
My medium-strength password habit will most likely get me into some kind of trouble someday. But for now, I’m perfectly comfortable that I won’t be the first one hacked.
Meanwhile, isn’t there a better way to secure personal information? We’ve been using the password system for as long as I can remember. Devices, operating systems and applications are updated practically daily. Yet, we still use passwords to access our virtual stuff.
Keys — or manual passwords — used for physically locking up our tangible stuff have even evolved over the years. We have card-sized swipe and remote keys. Despite progress, we still cling a string of characters to access our e-junk.
With touchscreens so popular, you’d think we could access everything via a fingerprint. Our fingerprints are completely unique. A tap of the tip of a finger would make life so much easier and more secure. And it would satisfy the needs of all three categories of people.
For ‘Password1’ people, a fingerprint is even easier. For ‘L&fbR8^6s!m’ people, you can’t get any more unique or secure than a fingerprint. And for those of us in the middle, our need for some security combined with a way to remember is completely satisfied.
I’m sure fingerprint password technology exists and is even being used by computer development companies and the government. I just think it would be nice if we could all switch to fingerprint access.
Until that day comes and I can afford the upgraded equipment to make it happen, I guess I’ll continue to create an arsenal of passwords such as ‘09Hubby!36’ and ‘ThreeNieces$4bDay.’
• • •
Micki Bare is a columnist for the Arkansas News Bureau and the Courier-Tribune in Asheboro, N.C., and author of “Thurston T. Turtle Moves to Hubbleville.” She lives in Asheboro with her husband, three children and mother. Her e-mail address is firstname.lastname@example.org.