www.Katonian.net
Remember when I used to blog here?
HOME
ABOUT
FEEDS
TOPICS
ARCHIVES
LINKS
SEARCH...
Search WITFITS Blog Posts
Search All WITFITS Content: Blog, Digg, flickr, etc.
TWITTER UPDATES
Topics: , , , ,
Digg This!
Del.icio.us
Stumble Upon
Stumble it!
Mail to a friend

113341734704198625
The Password Is...
by Kato @ 1:18 AM
As I discussed the other day, I was recently the victim of credit card fraud. In light of my personal information being stolen and used to buy God knows what kind of European goods and services (fifty dollars worth of Toblerones, perhaps?), I decided I might want to take a few steps to tighten up the security of my many Internet accounts.

I have accumulated a good two dozen or so accounts on the InterWeb over the years and, to be honest, I've never been really clever about my passwords. I've been meaning to beef them up for some time, realizing that if someone were to put two and two together they could probably cause me a fair amount of grief. So, I've been taking steps to make my passwords more secure. I spent a good deal of time coming up with ideal strings of characters that were sufficiently long, contained no dictionary words, incorporated letters/numbers/characters, featured varying case, etc. Go figure, as I started to implement my system, I was stymied in several places. For instance, check out this statement on National City's website concerning account passwords (emphasis added):

At National City, we take security and privacy seriously. In order to provide additional protection for your account information, your Password must:

1. Be completely different than your Log-in ID
2. Contain 6 to 12 characters
3. Have at least one letter and one number in it
4. Not contain special characters (! @ #)

Number four, of course, contradicts everything I've ever read on constructing strong passwords. I found several sites like this, which frustrated and annoyed me, especially since I can think of no logical reason to limit which characters can be used, other than lazy programming on the back end. I'm waiting to come across a system with the following restrictions:

At We Get Hacked A Lot Industries, we take security and privacy with a grain of salt. In order to provide trivial protection for your account information, your Password must:

1. Be completely memorable and ludicrously simple
2. Contain exactly four (4) letters
3. Have some letters and no numbers in it. Don't even think about putting a special character in there. In fact, don't even use any letter of the alphabet after p, it taxes the system too much.
4. Be the word 'poop'
Stumble Upon
8 comments
Miss Scarlet said...
  12/04/2005 12:25 PM
I can't tell you how many times I encounter this frustration. The best is when they don't tell you what the password requirements are, so you have to find out on your own that it is too long, or too short, or you're not allowed to use the same character twice in a row (sorry, "poop" is not a valid password. please try again). So if your mother's maiden name just happens to be Oovalsa#vicc8875, you can't use it as your password but any shmoe who has stolen your identity and uses the "I forgot my password" feature is going to Aruba on your tab.

And what's up with word verification being so hard to read that even real live people often have to try twice? (Ticketmaster is horrible for this.) Doyjmc!
Paulius said...
  12/04/2005 10:50 PM
I'm lucky with this. I have the dubious talent of being able to remember strings of numbers. Tell me a 9 digit number, I'll repeat it three times, and it's permanently stuck in my head. (I still remember the first telephone number I ever had...not bad considering I was three, and we only had it for 2 months.

Basically, all my passwords are 9 digit random numbers, with the odd letter thrown in.

I also never use the "I forgot my password" thing. Anyone who knows you slighty can guess it. If I do, I just make up a random answer, that has nothing to do with the question.
Kato (post author) said...
  12/04/2005 11:01 PM
Scarlet: Aruba sounds nice. Word verification is tricky, I'm guessing it has to be non-standard enough to make it tough for a image processing app to read it, but still recognizeable for a human. Blogger isn't bad, but some of them are aweful. I was listening to a podcast the other day where a blind podcaster was lamenting the technology because, obviously, he has a hard time with it. So far I've only seen one site which has an audio version for the visually impaired. upskbjwq!

Paulius: That is indeed a dubious talent. I had a prof. in college who once told us that his wife had the annoying habit of remembering phone numbers as 4-3 instead of the usual 3-4 pattern. For example, if their number was 555-6024 she remembered and said it as 5556-024.
Paulius said...
  12/05/2005 7:05 AM
Well, I remember phone numbers in the British pattern. 5 digit area code, followed by a 6 digit number.

I can symapthise
Kato (post author) said...
  12/05/2005 11:28 AM
Somehow I knew you would.
SquirrleyMojo said...
  12/22/2005 2:17 PM
Uh. You just stole 30 minutes of my life. Can I have it back?
SquirrleyMojo said...
  12/22/2005 2:18 PM
I can't come back here. You ask to much of me. You simply want more attention than I can give.

I'm sorry.

But I'm gone.
Kato (post author) said...
  12/23/2005 1:08 PM
Sorry, time spent at WITFITS is non-refundable. But, if you spend another hour and a half we'll send you a free* WITFITS totebag emblazoned with Kato's grinning visage!

* Totebag may not be free. In fact, it doesn't exist. WITFITS of America Corp. is not responsible for dashed expectations.
Leave A Comment
Newer Post
Older Post

© 2009 Kato Katonian
"I'm glad to be with you, here at the end of all things."
DASHBOARD
NEW POST
TEMPLATE
GOOGLE ANALYTICS
HELP
SIGN OUT
Personal Blogs Blog Directory