Tuesday, July 6, 2010

Forget your password?

So I am new to this blogging game. I haven't posted for a while because I forgot my password. Did you ever forget your password? I may be giving away my secrets but I normally have 3 passwords that I recycle. Since this is my first official blog I decided to get fancy and creative and.... well, it didn't work. I could not remember the brainstorm of letters and symbols, caps and small case combinations that unlocked the secret of my own personal blogasphere.

So I reset it. And wrote it down.

Which brings me to my latest musing.... I know the folks at I.T. security feel strongly that passwords should be STRONG. This, I have learned, is I.T. speak for "unmemorable". Where I work there are- depending upon your particular role- as many as 5 different computer applications that are required to do your job. In times past, employees were allowed to pick their own passwords after the first time logging into an application.

Those were the days when folks would very happily type in "password" or "welcome" or "signon" or even "hello" and be directed to a change password function where you could confidently put in some combination of birthdays, initials, ages, or dates. None of these secret codes were of significant importance to anyone and you could keep them locked in your own little brain. We all knew better than to use something like our birthday or initials so we made it random enough to be not worth the trouble to figure out but easy enough to remember. If, as is often the case, you were required to change it every 6 months, you could reverse the numbers, add a letter or capitalize something to make it different enough to pass go, but still memorable.

Enter I.T. security and assigned passwords. Not only do they have to pass security muster, you must have a different password for each application.

(&3KhgLK20072&^%

GOOD PASSWORD. STRONG PASSWORD. Also a password that I will never remember. (Any resemblance to an actual password is strictly coincidental and not a security breech). So, what happens is that you have to write your passwords down. No longer are they stored securely in the recesses of your gray (grey?) matter never to be revealed except under threat of bodily harm. Not only do you have to write your password(s) down, you have to write them down somewhere that you can find them.

When you need to sign in to the fragendafenberg application, you must do it with efficiency without spending time searching for your password or typing in 5 incorrect passwords only to be locked out and have to call the help desk. Therefore you write it down in a logical place - on a sticker you place on the back of your name tag. I know there are I.T. security professionals out there who may read this and start having palpitations and chest pain but I call 'em as I see 'em.

The ultimate result is that in an effort to achieve ultimate security, there is no security. True of passwords and true of life. Ironic, isn't it?

No comments:

Post a Comment