Every now and then I get a message I dread, telling me that my password has expired and that I need to set a new one.
Why do I dread it? Let me think. I have no problem with the majority of my web accounts and signups and subscriptions. For the most part, I set my password once for each of those and, once I’ve done that, I never really have to change it.Â That’s the theory anyway.
As I learnt more about identity theft and phishing and strong passwords and weak passwords, I tended to make sure I used passwords that were considered at least marginally complex, not to be found in dictionaries, both alpha as well as numeric, case-sensitive where possible, and not even vaguely connected to anything else in my life. If that wasn’t problem enough, I then had to make sure the passwords were such that I could construct a question that would help me work out what password I had chosen. This may be fine if you use things like “the name of your first pet” or “your primary school”. What kind of question would beget the answer “X4bh3A21”?
So I started doing something else. I brought in a materiality test. I used really complex passwords only where my identity could be used to do something with money. The rest of the time, I kept things simpler.
When OpenId turned up, my life got a lot easier.
I now had a system. Two types of password. One type to be used for general things, “strong” yet easily remembered, and OK for use in multiple contexts. A second type to be used for things you did with money, “stronger” and not that easily memorable, and explicitly not to be used in multiple contexts. OpenID in use where possible, Sxipper where possible.Â Both password types didn’t need resetting per se; I chose to make regular changes to the ones that had the possibility of financial impact.
If only it were that simple.
Work passwords don’t tend to work that way, for some reason. You get regular messages to change them. Particularly for things like laptops.
And for Blackberries. Oh yes, Blackberries. I’m one of those guys who doesn’t particularly like device proliferation, so I don’t keep a separate work mobile. As is the case with many of you, my Blackberry is my phone as well.
If only it were that simple.
I have a Blackberry with a non-standard keyboard; even though it is QWERTY, the letters are distributed over 14 keys rather than 26; 12 of the keys represent 2 letters each, and the two remaining keys have just one letter each. The double-letter keys toggle between the two letters on the key, while the single letter keys behave as normal. Beyond that, 10 of the keys also have numbers on them, accessible only by pressing some other function key first. So now, when I set a complex password for the Blackberry, I need to think of something else. I need to think about the number of keystrokes I need to use in order to enter the password. Oh for the days when an 8-character alphanumeric password required just 8 keystrokes.
And the moral of the story is that passwords are passe. Or soon will be.
Incidentally, I love trivia. And one of the pieces of trivia I delighted in finding out many decades ago was this:
If you were restricted to using only one row of letters on a standard QWERTY keyboard on a typewriter, the longest word you could come up with was ….. TYPEWRITER.
In similar vein, I tried to figure out the longest word I could make on the multi-tap Blackberry keyboard, if I restricted myself to the letters that came with “tap 1”. Now the letter set for the 14 keys is as follows:
QW ER TY UI OP AS DF GH JK L ZX CV BN M
The first tap therefore produces Q E T U O A D G J L C B M.
I guess I was mildly delighted to find that the longest word I could construct was …. CALCUTTA!
Little things please little minds :-)