Root Canal Treatment or Re-Setting Another Darn Password?
Going down the deep, dark rabbit hole of our countless user names and passwords.
Posted Nov 03, 2018
The other day, my 7-year-old recited to me his username and password that he uses to get on the classroom computer to play a math app. I was impressed that he remembered it so readily. But more impressive still is the reality that us adults willingly create and try to keep track of literally dozens and dozens of usernames and passwords for everything from buying movie tickets online to doing your online banking to trying to volunteer at your child's school. To say our username and password system has gotten to the point of extreme and utter overload would be an understatement. It's a system that's simply not sustainable. What can be done?
I'm sure we've all had the experience of getting so far down the rabbit hole of forgetting a password and having to reset the password, instructions for which are then sent to an email account that's no longer active or hasn't been used in so long we can't remember the password to that one, which prompts another reset cycle and etc., etc., until we're so far into it we can't remember what we were trying to do in the first place. This scenario happens to me at least once a month.
There's also the annoyance of having to create usernames and passwords for the dumbest things like buying concert tickets online or trying to ensure that your utility bill payment went through. I tried to sign up for a one-time real estate class the other day and was told I had to create a user account first; there was no option to simply call the organization, give a name and pay with a credit card. They required a whole account set-up rigmarole, explaining this is how they "keep track" of attendees. Whatever happened to a sign-in sheet?
My question is this: does anyone think it's reasonable to expect a person to remember and/or keep track of dozens and dozens of username and password sets? Based on what we know about human cognition and psychology, it's completely unreasonable. In fact, the reason the modern phone number has seven digits is that it was discovered a long time ago that seven is the longest set of digits someone can remember effectively. So why are we expected to create usernames AND passwords that are sometimes longer than 7 digits EACH, and thus 15-20 characters total AND remember many of them? An obvious reply is, you don't have to remember them, you can keep track of them in a spreadsheet or document. This seems problematic to me for two reasons: 1) if anyone found the written list of passwords or hacked into your computer and found this spreadsheet...uh oh; 2) if you lost this spreadsheet in a computer malfunction or your laptop or notebook is lost or stolen....uh oh.
So what's to be done? Some companies are exploring retinal scans or fingerprint recognition systems for access to personal electronics and selected apps. The potential problem here is that people who you want to have borrow or use your laptop or phone (e.g., your spouse) cannot because he/she doesn't match the associated profile.
I wish it were as simple as having one number per person, kind of like a social security number, that is never duplicated, is always unique to that particular person, that can be shared if necessary (e.g., when someone wants to borrow your laptop) but is easily memorized, and can be used over and over again for access to whatever you want access to. Why is this not possible? Perhaps I'm overlooking something, but this proposed system seems to be so much easier than our current technological mess of millions of forgotten passwords that are required to be long and complicated and difficult to guess (and thus, impossible to remember....).
A simple internet search shows that about 3% of all Americans have their identity stolen every year. By contrast, our current username and password system is 100% annoying, inefficient, and overly complicated. Growing up in the 1980s, we often heard the sentiment that technology was going to make our lives easier. Almost 40 years later, I'm still wondering if that will ever, in fact, be the case.