Here we are again folks. Yet another data breach.
Yahoo has been hit again.
I have a yahoo account. I use it as a junk mail account. This is the email address I give if I think I’m going to end up on a mailing list or junk mail list. I’ll go for months without checking in at Yahoo. When I do finally get around to seeing what’s accumulated, It’s almost all SPAM!
I just changed the password, that was a thrill!
I’m debating if I should just delete the yahoo account entirely. This account does protect my privacy a bit.
Every time I hear about a breach like this, I’m reminded of all the companies that demand you have an account to interact with them.
It seems that no matter how zealously you protect your personal information. Somehow or another you find yourself looking at gaining access to a needed service, or doing without it.
Most of the time we just create the new account and write account name and password down on a postit that we promptly lose.
We do what we need to do, and as soon as we log off, we forget that new name and password then spend 30 minutes to an hour recovering both six months later.
I personally have a spreadsheet of 143 account names and passwords. (By the way, that 143 line spreadsheet, is trimmed! Over the past few years I’ve been killing accounts. I’m down to 143 from about 250.)
I was inordinately excited when Apple announced that their new operating system would create passwords, remember them, and make said passwords available across all their devices.
I could hardly wait for the new era of simplicity to begin.
Sadly, the reality is that many web sites are telling the Apple browser not to store or supply passwords automatically. Which leaves me referring to my spreadsheet often.
I was thinking about the bad old days
Back in the stoneage you could have a password that looked like “blat”, then the era of 8 character passwords dawned, so your password became “blatblat”. Not too long after, you had to have a capital letter so “Blatblat” became the norm. Then you had to have a number so “Blatblat8” got used.
Finally we were forced to change our passwords on a regular basis. Our passwords now look like “FranKen$$tein989”, if we’re lucky. More often than not a password looks like “hual38&&n3gg__7yyhaakj”
I’m far more in favor of passphrases. “I like to have my dick sucked. 69 rules!” Unfortunately many websites and even some computer programs don’t have password fields long enough to deal with a phrase. Which leaves us with a password that looks like the keyboard malfunctioned and is just as forgettable.
Who hasn’t seen
“Your new password must be 8 characters long or greater. Your password cannot be reused, your new password cannot contain any part of your old password or user name.”
So you spend 5 minutes coming up with something clever that you’ll remember only to have the web site or computer system say;
“You password is unacceptable and must contain upper and lower case characters, at least one symbol and two numerals.”
Now you’re thinking for another 10 minutes to access your bank account because you want to check a balance.
If you are finally successful in getting the password changed, you’re likely to have written down the wrong sequence of characters because the system has forced you to try again so many times you’re not sure what the hell you entered.
I personally give up after two or three tries at changing a password. It’s easier for me to just call the vendor and ask for a human. Often, I’ll shut down electronic access when I speak to a human. Invariably I’m asked why I’m terminating web access and I say flat out, “I don’t want to deal with of your insane password requirements.”
I’ve found that I spend just as much time waiting on the phone for a human, as I do fooling around with quarterly password changes. By cutting out the frustration of password changes I’m in a far calmer frame of mind.
Recently I realized that I’m less likely to do business with someone who cannot provide paper forms instead directing me to their corporate website where I can fill out this or that online.
The odds of my doing business with such a company are further reduced if I have to create an account before I can get to the forms.
The truly ironic part of all this, is that I’m a technology kind of guy. I’ve been in the business for decades. I know and understand the need for good strong passwords.
I can’t imagine how annoying all this stuff is to folks my Moms age.