Monday, June 18, 2012

Safety in Numbers

Is it just me or is security becoming a complete pain in the backside?

Amid sites getting hacked, and the many calls for everyone to use different passwords for each site you use, I have to ask; does any of these people actually use the internet like a typical net user?

Do you realise how many logins I actually have? If I did a typically recommended password with random jumbled letters and numbers with a capital letter, then varied it for EVERY site I use I would never be able to remember ANY of them.

Seriously.

I count about about 10 at work, plus anywhere from 30 to 60 sites I use at home. I challenge anyone without a freaky memory to be able to remember 70 sets of random letter infused passwords and the appropriate login name.

The real reason I think they ask us to use so many different passwords is just to cover themselves if they get hacked. They don't want their security breach to be responsible for your eBay account being hacked and money being spent on your credit card fraudulently. I can't believe in 2012 anyone would expect someone to have all those log ins without having to use a spreadsheet to keep hold of them all.

So the use of Facebook and Twitter as multiple log-ins is becoming increasingly useful. In fact on some occasions I have refused to sign up to a site as it didn't have a Facebook option and I couldn't be bothered to spend 20 minutes going through the registration procedure. Perhaps in the future when people are less starry eyed about Facebook, that interconnectivity and access simplification might be the thing that keeps it going.

Oh and on the subject of random letter passwords, XKCD said it best...

1 comment:

Anonymous said...

I was speaking to a developer / general IT whizz a little while back and he said that the need to have a randomised password for everything is actaully causing more problems than it solves.

In his experience everyone writes them down on a bit of paper, and sticks it somewhere near to the screen - which means you don't even need to decode it, you just have to get someone inside a building posing as IT support... (he worked for a bigger company than I do)

I think you may be on to something with you spreadsheet idea though - all you'd have to do is remember the password to get into that!