Archive for the ‘misspellings’ category

The insecurity of repetition

November 12, 2012

You shouldn’t use the same password for more than one thing, you know. OK, so the number of organisations demanding a password from you has increased hugely in the past few years. OK, so you need to “register” and think of a password every time you buy a pair of jeans or a jar of vitamin pills online. OK, so we’re constantly bombarded with new social networky things to try, all of which require passwords. But don’t ever reuse a password! If you do, the hackers, high on smacky-crack, will steal your money! And your identity! And you’ll only have yourself to blame!

I have an alternative take on this, which may just be one of the most boring conspiracy theories ever. If weak-ass conspiracy theories annoy you, please stop reading now.

What happens when you have to think up a new password for every one-off purchase or one-off interaction? Either…

  1. You have a l33t failsafe system enabling you to generate lots of one-off passwords and somehow not forget any of them. Perhaps this involves a nice weighty electronic “key chain” which is not a substitute for genitals at ALL, oh dear me no.
  2. You generate a new password, then realise next time you visit the site that you’ve forgotten it, so you go through the rigmarole of generating a new one, then you forget it again.
  3. You cheat and reuse the same password for a few unimportant things, e.g. sites which force you to “register” before you can buy anything, trying new social media, etc.
  4. You write down your passwords.

If you’re in the second category, you can feel quite frustrated because you were sure you knew your password, but you keep typing it in and it’s not working. Maybe you spelt it slightly differently? Maybe there was a 1 instead of an I? Aaargh, still not working. Better reset it.

But if you’re in the third or fourth category, things get weird. You feel sure you know what your password is, because you’ve written it down, or because you always use the same one for this kind of thing. And it still doesn’t work. Either you’re so stupid that you wrote it down wrong, or somehow managed to forget it even though you always use it… or something else is going on.

I am absolutely certain of my Verified by Visa password, security theatre bollocks though the whole thing may be. I didn’t need to write it down because it’s a phrase that means a lot to me. The first time I used it after setting it, it didn’t work. So I re-set it, to exactly the same as before. Next time I used it, it still didn’t work. I think I re-set my password about five times, to exactly the same thing, before it “took” and finally worked.

Here’s my conspiracy theory. Maybe when you set a password, for whatever reason, it doesn’t always work. But the proliferation of password demands, and the constant warnings not to reuse passwords or write them down, confuse the human brain to the point where we blame ourselves. If you’re trying to keep twenty or more passwords in your head, it’s understandable that you’ll make a mistake. It’s only when you ignore the security guidance that you realise “Hang on. My version of reality does not match yours.”

Perhaps the institutions who demand and then reject our passwords are gaslighting us.

Advertisements

Typo of the week

March 8, 2007

An accidentally insightful typo from someone called “kate” commenting on I Blame The Patriarchy:

“Wasn’t Lacan a Freud worshipper? Isn’t psychoanalysis considered a little old hate these days? Just askin’.”