Passwords: The Kingdoms of But and Should - Word&Way

Passwords: The Kingdoms of But and Should

We are often torn between the kingdoms of But and Should. A primary example of that is our passwords.

Ken Satterfield

Ken Satterfield

In the Kingdom of Should, we know we should come up with passwords that are not hard to guess. We should not get into the habit of using the same password. We should use combinations of upper- and lower-case letters, numbers, and special characters. We should utilize two-stage verification (such as a PIN number and entering a passcode). We should (usually) not write our passwords in easy-to-find places.

In the Kingdom of But, we know all of this, but we still pick the names of our children, pets, significant dates, and favorite teams and come up with passwords like… password. We know it is good to have variety but it is hard to remember dozens of different passwords. We know added security is great but we want instant access without waiting for an email or text with a passcode or deal with those “I’m not a robot” CAPTCHA  tests with squiggly characters, numbers, or pictures of a bus. We want to rely on our memory, but our password is taped under the keyboard or in a desk drawer and our co-workers know where.

Or, pity poor Stephen Thomas, who has the exact opposite problem.

He wanted to keep his funds secure and purchased a military-grade USB drive called an IronKey (available for about $130) that is protected by a password. When he decided to access his funds after years of letting it grow, he discovered that he forgot the password to access more than $220 million in bitcoin. After 10 incorrect tries, the drive is completely wiped clean. He has two tries left.

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) / Flickr

You may not have hundreds of millions of dollars protected by a password. But you might be protecting pictures, information, or email accounts. How can you recover a forgotten password?

Check your typing. Passwords are case-sensitive. Is it possible you are simply mistyping or have a faulty keyboard?

Do some time traveling. Remember your life at the time you made the password for clues.

Try similar passwords. Just in case, y’know, you used it in more than one place.

Track your progress. Write down exactly what you have tried already to avoid wasting attempts.

Use the helps. Many sites help when you forgot your username or password — click and follow the instructions. In many cases, you have set up a security question that you can answer. There are online helps that give you step-by-step instructions for specific email and social media accounts.

Contact them. Customer service representatives will not tell you your password, but they can reset it when you verify your identity. (Being polite doesn’t hurt.)

Finally, learn from your mistakes. You should develop practices to create unique passwords. It takes a hacker two seconds to figure out an 11-digit password — a handy chart shows you how it grows more difficult as passwords grow longer and more elaborate.

You should check to see where your email addresses have been compromised in past data breaches.

You should avoid relying on your web browser to store passwords in case of a data breach. Instead, you should use a password manager to generate and store passwords and automatically fill forms.

And, you should protect others from the same nightmare by leaving online accounts and password helps in case something happens to you.

You really should.

But…will you?


Ken Satterfield has three decades of experience in religious media and library work and is on staff at a public library in Jefferson City, Mo.