Password Proliferation

Posted On: Friday - December 11th 2020 12:54PM MST
In Topics: 
  Curmudgeonry  Artificial Stupidity  Big-Biz Stupidity

You're in luck today, Peak Stupidity readers, as this will be two rants in one! While writing up that latest customer service oops, care story, I noted that I'd need another post here about the proliferation of passwords, which was part of my reasoning for dialing up the Philippines on the blower that day.

The reason I needed a password in the first place is the first rant. Listen, I get the reason for needing to log in with a PW for making banking transactions (I don't even do this), and, well, you already must have an account to need this service. Stock trading, email accounts, company intranet services/requirements, yeah, I! GET! THAT! [/Tucker].

How about needing to register, then log in, to shop though? I checked on 3 different vendors for something recently for the same type of product. The website of one of them had a home page telling me to register. Say what? OK, there were 5 links up top. One said "SHOP". That's good, so I clicked it. That page told me to call up or register. No items were even displayed on there. OK, no sale. Well, that was easy! (Luckily the other 2 sites were normal.)

Everybody wants you to sign up for something now. They've gatta have a website for you to sign up on. In that case you've got to REGISTER first, then use that username and PW that you hopefully wrote down (more on this in rant #2) to log in. Then you can finally do whatever the hell it is you wanted to do. Solution #1: Don't join SHIT! If they want your business so bad they can just let operate on the website and do it, shop, read news, whatever.

Some of the time you are at least allowed to "sign in as a guest". That is so, so nice of them. was smart enough to do that long ago. Sure, they do want lots of information on you, to sell you more stuff easily or to sell that very information. First, they need you to not give up in frustration though.

My recent customer care story had me trying to log in to a site that also had no reason to require me register. The information was all known by my company, and I had already logged in there. This service could have just let me enter in 2 or 3 identifying pieces of info. to get done what I wanted to. No, but every department of anything likes to have their own niche website and their own "customers". That's obviously very cool for them. I explained already though, that this was worth something like 300 bucks to me, so even a half day's worth of frustration would have been worth it. Luckily, the frustration was only for an hour.

Oh, but now [smooth segue-way into Rant #2] how in hell is one supposed to remember the username and PW that are needed only once a year? "Use your name, your birthday, the name of a kid or pet." We all know that those aren't the best passwords unless it's just something that a hacker wouldn't get any use out of. In those cases, yeah, I'll just use the username again for the password. [NOTE: That's not the way Peak Stupidity works. I promise, but you're welcome to try. Good luck! - Peak Stupidity IT department]

Oh, keep the same more difficult password, you say"? I don't think that's the very best idea. If one does join up to various things on-line, then all it takes is one good hack (doesn't mean the password was too easy - there are other ways, of course) for all kinds of havoc, even full-out ID theft, to be made easy.

Next idea: Have a core very difficult to crack part and put easy-to-remember letters that match the website before or after or both. That's pretty good... till you are told you must change the password every 3 months. No, you can't toggle back and forth. I had a system in place for that. Good. Oh, except then I have to update about 10 other passwords each time, and that's just for some of this corporate stuff. They don't all make it easy to do this, and for some, such as the yearly one discussed here, I'm not logging on 3 times in between just to do this. I'd really rather call the Philippines. It's easy, just dial 00. That worked last time, at some point ...

Another problem was that these helpful IT people wanted more kinds of characters after a while. I get the reason, but it messed up my system. With the new pattern, I could not keep straight which iterations of which pattern were required. "Hello, Philippines?"

I've been trying my damndest not to succumb to the biggest mistake regarding passwords, which is NOT TO WRITE THEM ALL IN A LITTLE NOTEBOOK!* They are making this very hard for me. That's what I told the nice Filipina girl on the phone recently: "Should I just put these passwords in a little notebook, so I don't have to call you all so much?"

"I don't mind, Sir, to help you. Could you answer just one of the two security questions?" If I could have, I wouldn't have had to call nice girl. "Nah, tried that, I don't know what I put down for the name of our cat. I make all this stuff up for a reason. Maybe I should buy a little spiral note pad ..."

I guess if you're single, this may be a good way to eventually meet a nice chick - call it "customer care dating". It's easier to use than those dating sites, it's free, and you don't need a password!

* I do know about these password consolidation programs that keep all of them together as your remember just one. That's pretty close to good, but it has the flaws of one losing, or having crash, one's device that has all this, and the general vulnerability again of having all the eggs in one basket.

Sunday - December 13th 2020 10:37AM MST
PS Mr. Smith – you just provided some sage advice regarding the use of passwords. Certainly I have seen articles on IT-type websites that deal with keeping (relatively) anonymous online or protecting one's financial info. Our esteemed moderator states:

“The gist of it is, only with a Faraday cage nothing fancy really, and stickers over the camera lenses, and some way stop the thing from recording sound through the mic*, oh, and a GPS jammer, there is no way to know if these things are keeping track of us.”

I have avoided acquiring a smart phone for these kinds of reasons, though it may be a pointless gesture on my part. I was just wondering if there was a site that deals with cyberspace, privacy, and protection for folks like us.

I use Opera as my browser and have enabled their VPN. But I read elsewhere that it's a pretty scurvy VPN, as such things go. Perhaps a pay VPN and proton email is the ticket. Thanks again.
Adam Smith
Saturday - December 12th 2020 11:45AM MST
PS: Good afternoon everyone...

"Have a core very difficult to crack part and put easy-to-remember letters that match the website before or after or both. That's pretty good..."

I often use the same core password adjusted for different websites...


Miss Gwen, keeping your passwords in firefox is convenient, until your computer crashes. Do you have a backup?

Mr. Urbando, I'm not sure what your asking. It is possible to stay "safe" online, though it does take a little effort. Anonymity helps. Depending on your situation you may like a VPN.(?)

I agree with Mr. MBlanc. Write them down. I suggest an encrypted .pdf file hidden behind a jpg. You still have to remember one password, but you can safely leave copies around and most people won't ever notice. If they do notice they still have to crack your password.

This file has an encrypted .zip file and an encrypted .pdf file attached to it. The password for both is "peakstupidity". Just change the file extension from .jpg to .pdf or .zip to see how it works.

Saturday - December 12th 2020 5:06AM MST
PS: Mr. Soviet, it was all fine until they started making me change the PWs. Hey, I understand that is good practice, but that's about to make me switch to a bad practice, putting them all on the back of a business card, haha.

No, I have some other ways to clue myself in on the PWs, to where others couldn't figure it out, but come on, man, do they really think I can re-login every year without calling up the Philippines?

Mr. Blanc, and Cloudbuster, I'll get through this, but I need to develop a new system in my head.
Saturday - December 12th 2020 5:01AM MST
PS: Gwen, that's what I'm talkin' about (your needing a login to purchas a hairbrush, or the like). Re: your 2nd paragraph, that's all pretty good for one device, with all your eggs in that basket. Sometimes I need, or at least want to be able, to get on another computer somewhere and use these sites.

Mr. Urbando, I defer to commenter Adam Smith for links or ideas. I did have a post under the iEspionage topic key about my ideas on how mobile phones can be used against us. The gist of it is, only with a Faraday cage nothing fancy really), and stickers over the camera lenses, and some way stop the thing from recording sound through the mic*, oh, and a GPS jammer, there is no way to know if these things are keeping track of us. With all that, I know, better to just leave the thing at home.

Your topic is a big one, Urbando. I have meant to write more on it with that iEspionage topic key.

I did some IT work before, but it was a long time ago, and people forget [/The Who]

Friday - December 11th 2020 10:56PM MST
PS Keep them on a spreadsheet on something like this (not endorsing this particular one. Just an example I pulled up from a search):
Friday - December 11th 2020 9:02PM MST
PS Write them all down. It’s the only reasonably safe way.
First Kronstadt Soviet
Friday - December 11th 2020 8:26PM MST
PS To apply for service economy jobs you must make an account with a pw.
Do you want some ice with that comrade, I'm here to serve you?
Typing in passwords on keyboards is dirty, you need a chip in your hand and everyone else is doing it.
Don't be mentally ill comrade, it is for the good of the collective.
Use things that you are sure to remember such as birth dates, life milestones, family names.
Make it not worth a hackers time with underscore, symbols, upper and lower case, numbers.
Maybe manboons is just too stupid to continue or has AI already taken over and considers us as obsolete?

"I see stupid people...they're everywhere. They walk around like everyone else.
They don't even know that they're stupid."

Cole Trickle
Friday - December 11th 2020 8:01PM MST
PS This is an illustration of the reality that it's become very difficult to stay safe online. Mr. Newman, can you recommend a good source of internet/cyberspace/communications safety tips? Unless one is an IT type, the proliferation of new information and new practices (as you describe here with internet commerce) make it very difficult to operate without either leaving a trail or opening oneself to mischief by ne'er-do-wells or The Borg itself.
Friday - December 11th 2020 1:48PM MST
PS Oh, Mr. Newman in the immortal words of Billy C - I feel your pain. I do nearly all of my shopping online for a variety of reasons. I've come across those online merchants that won't let you browse without signing in. Uh no, here's me exiting your site. My other favorite is when some merchandiser of ordinary things has a password requirement of uppercase letters plus numbers plus characters, etc. I really don't care if someone hacks the site and finds out what kind of hairbrush I bought. Lengthy and difficult passwords make sense for things like financial institutions and health care provider sites, etc.

I do, in fact, have a collection of 3 x 5 notecards that I started keeping my passwords on about seventeen or eighteen years ago. I use Firefox, and I recently discovered that they have an auto generated password feature. Whenever I have to put in a new password it'll ask me if I want to use autofill, which I do. It's nice as I don't have to write it down because you can tell it to save that password for that site and when you log in your password is already there. If you choose not to do that the password library saves the password and a mouseclick brings up the library and you scroll through until you find the website and find your password. (Actually Firefox does that even if you use your own password and not the auto generated one.)
WHAT SAY YOU? : (PLEASE NOTE: You must type capital PS as the 1st TWO characters in your comment body - for spam avoidance - or the comment will be lost!)