02 June 2009

Please Re-enter Your Password

Has anyone else noticed how you don't really get to pick your own password any more? I mean, you do. But there are so many parameters for them now, it doesn't feel like I'm picking. It frustrates the hell out of me. If I'm stupid enough to make my password "love" or "sex" or something, do I not deserve to get hacked? Can I not be trusted to come up with my own secure password? And frankly, I'm hoping someone steals my identity and gets saddled with my student loans. (Yes, I know that's not really how it works. A girl can dream, right?)

At work the other day, I came across a doozy. We were trying to get online access to a museum in another state. Here are the parameters for the password I can request:

Enter your desired login password. DCA Computer Security Policy requires that any new or re-set password must be at least 8 and no more than 16 characters in length, begin with a letter, and must include at least one number and one special character.

Not so bad, right? Yeah, I'm not done:

Allowable special characters are: # _ $ (pound sign, underscore, and dollar sign). No other special characters can be used in passwords. Your password cannot be the same or similar to your username, and re-set passwords must differ from the previous password by at least 3 characters. Your password also should not have any personal significance (e.g., your birth date, the make of your car, etc.) or be a word that appears in the dictionary. Optionally, you may leave this field blank and we will supply a password for you.

Seriously? It can't even be a word? How in hell am I supposed to remember this jumble? Oh, I should write it down and put it next to my computer, right? That's safe!

I'd also like to point out that all of this is being said because they want you to write down your password on their form and fax or email it to them. Thus, showing it to everyone in your office, everyone in their office, and possibly everyone in the entire world. That's secure.

Not to mention, um, you're a museum.

So after you come up with this jumble of letters, numbers, and those three special characters (why only those?), you also must change your password every six months. With three characters difference between each change. And it can't be the same as the last three passwords you've had.

Is this really making things more safe?


Antelope said...

We have that at my job (except for the weird thing about only three special characters to choose from), and somehow "Dictionary words" seem to include my rather unusual last name and the Greek names I gave my pets when I was in 5th grade and awesome.

Bow Chica Wah Wah said...

I have a page in my planner where I have all my passwords written down... ebay, paypal, sallie mae, etc etc... I cant remember all that shitzzzz

its not safe but it was either write them down or have to reset them every time i forgot

adriana said...

That is completely ridiculous. You'd think they were protecting federal secrets or something... it's a MUSEUM!

Anonymous said...

How would they know if the password had personal significance to you?

Maybe your first love was named "5$hooker."

Erin said...

So many rules, so few choices. I am grateful for the "forgot your password" link. Since I always do. You blog is funny. Good job.

Alice said...

i haaaaate how ridic passwords are getting too. i write them down in an email that i send to myself in gmail, then look 'em up when necessary.

of course, this assumes no one can hack my google account. or more accurately, that no one CARES to hack my google account.

Jay Ferris said...

Since you're straight up street, allow me to suggest "Playa_Hata" or "FittyFo$"

Anonymous said...

Argh. That's ridiculous. Thankfully I make up words all the time. But still, JEEZ. It's almost as ridiculous as the rigmarole we readers have to go to to comment on your blog :P

mylittlebecky said...

password rules are for the birds! blarg

LiLu said...

Christ in a miniskirt, as Lemmonex would say.

Well, at least you can think up a word that's only in Urban Dictionary... something really gross, like blumpkin. THEN you'll remember it...

shine said...

Antelope: You're still awesome. Can I have a Greek name?

Bow Chica Wah Wah: So basically if I find your planner, you can buy me stuff? This is a good plan!

adriana: My thoughts exactly.

peterdewolf: I thought you weren't going to just tell my secrets like that?

Erin: Thanks!

Alice: Again, the security! I could probably hack your gmail account. But I won't. I'm nice like that.


standingonthebrink: I make up words, too, but I don't usually remember them later. If I have to captcha, you bitches have to captcha!

mylittlebecky: Let's kick their asses!

LiLu: Felching. I seriously never want to have to explain that to anyone again. And that? Is why my iPhone is the awesomest. I can just go straight to Urban Dictionary and let the person read.