P1ck1ng Pa55W0rds

Nathon's Xanga Site	What the heck am I doing with a Xanga site?

About this Entry
Posted by: Nathon Original: 7/15/2008 6:21 PM Views: 287 Comments: 20 eProps: 34 Read Comments Post a Comment Back to Your Xanga Site

Tags
humor rant

Who recommended?
momofjenmatt VaultESL o0gaboga Made2sing4Jesus wilfulsunflower jaded_maudlin

Who gave the eProps?
2 eProps from: VaultESL yello_lego o0gaboga mAnGLeDmiSTlEtoE Made2sing4Jesus nephyo guestbrief divinity2B Bricker59 musicmom60 filtered_sunlight john9ten PXSmall hapax23 kwabert math_music_me GiggLes9

Read or Post Comments

Tuesday, July 15, 2008

*click...
Your password has expired, please enter a new password...
*tap... *tap... *tap... *tap... *tap... *click.
Invalid password.  Your password has too few characters, please choose a password with at least 8 characters. Please try again.
*tap... *tap... *tap... *tap... *tap... *tap... *tap... *tap... *click.
Invalid password.  Your password may not be identical to any of the previous 12 passwords you have used. Please try again.
*tap... *tap... *tap... *tap... *tap... *tap... *tap... *tap... *click.
Invalid password.  Your password must contain at least 2 numbers or symbols, an uppercase letter, and be in iambic pentameter style. Please try again.
*tap... *TAP... *tap... *TAP... *tap... *7@P... *7@p... *TAP... *tap... *TAP *click
Invalid password. You forgot to stand on your head and recite the preamble to the Constitution while drinking a Cherry Coke Zero through a straw. Please try again.
*tap.. *BANG... *SLAM... *CRASH... *bloop?... *KILL... *KILL... *KILL... *weep... *click.
Invalid password. Why don't you just give up and go back to pen and paper, because obviously you don't have what it takes to make it in the 21st century. We have disabled your account and called your mommy to spoon feed you. You might as well do something because you won't be able to call us to access your account until we open for business on Monday.

I think most of us can relate to the situation where you're on the sign-in page to a website you don't use very often and you just typed in, for the second time, a password that didn't take, and you're frantically trying to remember which of your 4 or 5 default passwords is the right one for this website before your third and final allowable attempt, after which you're locked out of the account. It almost feels like you're choosing which color wire to cut on a time bomb before it blows (which never made sense to me... why would a bomb-maker want to make it easier to defuse his bomb by color-coding the wires?)

I think it is incredibly ironic that the main person that sign-in pages prevent from accessing accounts is most likely the account holder. It's quite annoying to have to remember 27 different variations of the only real password you can actually recall to satisfy the password nazis. I can't remember two 7-digit phone numbers that I call almost everyday, much less the sign-in password requirements of the online 401(k) account that I check maybe once a year.

And what's their solution? If you forgot your password, they email it to you... or at least a link to click to reset your password... to which you now have to come up with a new password that is not the same as your old password. Which begs the question... why don't they just let you use your email login and password to access all your accounts? I mean, if some identity thief has your email address and password, they pretty much have access to all your passwords anyway, right?

In fact, I think that in the name of security, these things that websites do to try to make it more secure, they're actually making it less so. What they don't take into account is the human element. Yeah, if I were a computer that can generate random numbers at will and store them in ROM indefinitely, this works... but people don't have this capacity. I know someone who has to remember so many different passwords that he just keeps a list of all of them in his wallet. How secure is that?

At work I have to sign-in to an intranet website to fill out my time card... fill out my time card!... It used to be that your time card was written on a piece of paper you just left on the corner of your desk. Why do I need my time card transactions to be so secure? Not only this, but I have to change the password every couple months. So what do I do? I just use my old password and add numbers in sequence after it like oldpassword1... oldpassword2... oldpassword3... How secure is this? Insanity.

I can imagine what will happen when biometrics become commonplace...

Invalid body part. Please choose another body part that you haven't used in the last 12 months.
*squish...
Invalid body part. Please put your pants back on. I don't need to see that...

Posted 7/15/2008 6:21 PM - 287 Views - 34 eProps - 20 comments

recommend
recs6
share
email
sent0

Give eProps or Post a Comment

20 Comments

Isn't that the truth. Passwords, the scourge of the Internet.

Posted 7/15/2008 6:30 PM by VaultESL

- reply

Ugh, I totally feel ya. Our school's system requires that we change our passwords every couple months, and there are all these blasted requirements like the ones you've listed above. I'm certain my account is less secure as a result of me habitually forgetting my password and having to reset it all the time.

Biometrics, Ha!

Posted 7/15/2008 6:31 PM by yello_lego - reply

lol i hate passwords.

Posted 7/15/2008 6:37 PM by o0gaboga - reply

I pretty much use the same password for everything....fortunately, no one seems to realize that a long password can also be a very simple one.

Posted 7/15/2008 6:38 PM by mAnGLeDmiSTlEtoE - reply

Thank You I need to Belly Laugh ROLFLMBOLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

Posted 7/15/2008 6:42 PM by Made2sing4Jesus

- reply

lol, you're right! It's kinda silly. Especially since *email* is horribly insecure. Nobody uses encrypted email.

The secret questions and stuff is even worse BS. They are causing us to broadcast our personal information with entities that's trustworthiness is questionable at best. All in the name of the security.

Anyway there are lot of programs and services out there that will generate a unique password for you for every site you access based on a single password, so you only have to ever remember one but all your sites will have unique passwords. They use some sort of one way hash using the domain or something plus your original password to generate strong secure passwords. It's a pretty good system.

Biometrics are a lot scarier to me. Honestly I don't WANT my iris, DNA, and/or fingerprints in some databases that will trivially be cracked and stolen. Not the mention the possibility of abuse by the people who actually are taking it. It's a scary world where biometrics govern everything. I'd rather stick with sucky passwords.

Posted 7/15/2008 6:44 PM by nephyo

- reply

lol, thats pretty funny!!! mostly because it's soooo true!!! :D

Posted 7/15/2008 8:17 PM by guestbrief

- reply

LOL -- hilarious blog!!! But true -- passwords can definitely bring out the worst in me!!! ;)

Posted 7/15/2008 9:42 PM by divinity2B - reply

I liked this.

Posted 7/15/2008 11:36 PM by Bricker59

- reply

So true...it's gotten to be ridiculous. I've made my passwords so strange and obscure that if anything ever happens to me, my kids will never be able to figure them out and they'll not be able to get my will or close my accounts or pay my bills or anything. What do you do, write them all down and put them in a secure location accessible only by...password?

Whatever happened to a lockbox for important papers? My mom used to keep all my family's important stuff in a really antique refrigerator in the basement. That way, if the house ever burned down, the papers would supposedly be protected, since the fridge was like Fort Knox. Of course, this was way before computers or internet or even CD players. The 60's.

Now, the house just burns down, with the computer, and after you've recovered from that shock, you have to go log on somewhere and try to remember all your freaking passwords.

Posted 7/16/2008 12:07 AM by musicmom60

- reply

I go through this every first day of the month at my company. We have to sign in to clock in and we must reset our five-character password every single month and we can't use the same one within 12 months. Okay...fine...one of my past 5-letter combos was f***u, to express my annoyance with this system. Then, for extra interest, the system randomly generates another three letters that you have to attempt to remember. (Example: 'F***UTEY') Of course, if it's a really slow day, you can keep requesting the system to reset those last three until you have something truly memorable. (Most notably, a manager's password of "BUTTSEXX"...he gave it willingly while off property so that a customer complaint could be resolved.)

There are programs like RoboForm, but what happens when your computer is hacked and then someone has all of your usernames and passwords along with the websites that you go to? I also love playing the guessing game of, "Which pet's name did I pick when I selected this security question??" And, "Did I use caps when I answered this security question?" Oy!

Posted 7/16/2008 12:12 AM by filtered_sunlight - reply

As soon as I started reading this I wanted to smash the computer, it is so true. I have so many password protected places online that I have to have a written list that has all my logins and passwords.

Posted 7/16/2008 3:32 AM by john9ten - reply

I do the same thing at work. My password will be a type of flower like tulip1, tulip2 etc. They make us change it so much I think it's silly.

Posted 7/16/2008 4:36 PM by PXSmall - reply

I basically use three different ones that I rotate. That way with the three chances they give you you should be able to hit the right one. (It doesn't help if you've forgot to take the Caps lock off though.) hehe.
I'm definitely ready for the biometric or retina scanner.

Posted 7/17/2008 3:34 AM by hapax23

- reply

Oh yeah, I purchased a security code organizer program from Serif software, but my computer's on the blink and can't install anything right now so I'm not sure how it works. What do you wanna bet that it will require a password to get to your passwords. LOL..........

Posted 7/17/2008 3:39 AM by hapax23

- reply

@yello_lego - haha, yeah, maybe instead of even trying you should just click the "reset password" button every time you login.

@mAnGLeDmiSTlEtoE - yes, and your user name seems to testify to this as well... hehe.

@nephyo - what's even funnier is when they ask you to provide your own secret question. I once gave myself the question "Why are you wasting your time asking yourself a question?"

I store a bag of Skittles in there. She just gave me a strange look. But how funny would that be... I go to the bank and ask for access to my lockbox. The guard would go with me to the box, and I open it, pour out a few Skittles and pop them in my mouth, lock it up, and leave.

@filtered_sunlight - maybe we should make the answers to all those security questions: "none of your freakin business!"

@john9ten - I feel ya, john... but don't smash the computer... because then they win... and we don't want that.

@PXSmall - you know... you might get more than a few people trying to access your xanga account with that whole "tulip1... tulip2..." thing. I hope it's nowhere close to your actual password.

@hapax23 - haha, yeah, you should type in "that's your job - you tell me!"

Posted 7/17/2008 11:02 AM by Nathon - reply

SUCKS

Posted 7/17/2008 4:26 PM by kwabert - reply

"In fact, I think that in the name of security, these things that websites do to try to make it more secure, they're actually making it less so."
Nice points in that paragraph.
I have about 4 passwords that I rotate for most everything...but there are a few more annoying ones that I have to remember for just 1 specific site...

Posted 7/22/2008 3:29 AM by math_music_me - reply

and to add to all of it, here we are, talking about our passwords, making them even less secure...

Posted 7/22/2008 3:32 AM by math_music_me - reply