Five by Five

Despite the dream of a perfect utopian Open Web where data flows freely through the tubes there is still a huge chunk of the Web that needs to be kept behind locked doors. Usually for pretty good reasons too, such as protecting your online identity and security. If you’re anything like me, all this top-secret stuff, from your online-bank to your AFF profile it’s all kept locked safely away behind your favourite password. You know, that phrase, sporting team, year, whatever that you enter whenever you encounter yet another password sign up form - type it in hit ’submit’ and go about your cyber-business as normal.

The spanner in the works comes when the site you’re registering on decides that your password is not safe enough and that for your security your password must be constructed from a cryptic mixture of letters, upper and lowercase, numbers and punctuation symbols. A big problem with this kind of password is that they are very difficult to remember. Some tried and tested strategies for keeping them in your mind include listening to the password repeated ad-infinitum on your iPod as you drift of to sleep, an elaborate tattoo across your back in gothic lettering, Post-It notes scattered across your desk for the whole office to see, or my personal favourite, setting it as your Windows screensaver (works excellently for a locked screen password!).

The argument for this kind of password is that it is tougher for hackers to discover your password using a technique called a ‘dictionary attack’, where said hacker quite literally tries every password in a dictionary in the hope that they’ll finally find your password and be free to look at all your private Facebook pictures to their hearts content. Enduring the pain of a tattoo to guarantee eternal internet security might not seem like such as bad trade-off, but the over-paid security consultants have one last trick up their sleeves to make your internet experience a living hell - the dreaded forced password change, where after an arbitrary period of days, weeks or months you’re forced to change your hard-to-remember-but-ever-so-safe password for another, completely different hard-to-remember-but-ever-so-safe password. That you then need to commit to memory using any of the techniques mentioned previously. Which is why I really wish I didn’t get that password tattoo, because laser removal is going to be expensive and painful.

This entry was posted on Friday, October 3rd, 2008 at 5:27 pm and is filed under Front Page Posts. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.