This is pretty much representative of everything that is wrong with our society.
As a publisher, one of the administrative things I have to worry about is applying for the pre-assigned control number from the Library of Congress. It is a little administrative thing, really. It only takes a minute or so per title to do as everything is handled online. The problem, however, is that because we only publish a handful of titles a year, I only log in four or five times a year. Well, as anyone who spends time on the internet knows, it is pretty easy to forget your password for sites that you don’t frequent daily. But some sites seem custom made to make it IMPOSSIBLE for you to remember your password, and even if you do remember it…well…it won’t matter.
These are the password requirements for the site that assigned the numbers:
Must be at least eight characters in length.
That one isn’t a big deal. Longer passwords are harder to guess and this is a pretty common requirement.
Can not be changed more than once per day.
Well, who would want to change their password daily? Seems like a common sense thing to me but OK.
Must contain at least one uppercase letter, one lowercase letter, and one number.
This sort of requirement always hangs me up, because I can never remember passwords that are case sensitive.
Must not contain consecutive repeated characters.
Now they are just making it impossible. Do you know how hard it is to come up with a password I can remember that is at least eight characters, includes a number, and has no consecutive characters?
Must be changed every 60 days.
So even if I manage to come up with a password that I remember, I will have to change it whether I want to or not every 60 days? And if you forget to change the password, you have to request that your publisher liaison reset your account. That’s right, if you wait 62 days and then try to log in, you will get an error message and not be able to reset your password. You have to contact your representative and wait for them to issue you a new temporary password, and then go in and reset your password.
Can not be changed to any of the 11 most recently used passwords.
You know, because we want to really screw with you and make you come up with a completely different password using our arcane rules every 60 days for the next two years.
Now don’t get me wrong. I understand the theory is to make sure the site is secure. That is all well and good. But when you have a security system that requires the user to use a convoluted method of creating a password that has to be constantly changed, what happens is that people come up with “systems” to help them remember. So maybe they use something really simple like their name and a number, Veronica1. In 60 days, that becomes Veronica2, then Veronica3. Because it is human nature to want to use something that makes sense to us, and trying to force us to use an arbitrary random sequence has the opposite effect.
Now what does this mean? It means that while this arbitrary set of rules may protect your account from computer algorithm hacking, it won’t protect you from old fashion con artists who know how predictable we all are. Because you know what else a lot of these sites do? They have special “secret questions” that you are supposed to answer to verify who you are. Things like your dog’s name, your kindergarten teacher, favorite movie, etc.
A computer is not going to know what those answers are, of course. But anyone that sees your Facebook page will because you, and millions of people like you, answer those stupid apps where you share all of this random information online with complete strangers!
And guess what? Even if you are smart enough to not do that, your friends are pretty damn dumb because they are answering those stupid apps that ask questions about their friends! Yep, your pal Sally is gleefully sharing with the world that your first boyfriend was Billy and you use to live on Sassafras Street and your favorite ice cream is butterscotch. Then it is just a matter of some con artist matching you up with whatever websites you visit and requesting a password reset.
And this, ultimately, is the problem with society. We are very adept at protecting ourselves from smart villains. But we are helpless when it comes to protecting ourselves from stupid people.