Forgot Password?

August 11, 2006

While her father was tapping away on the computer, his ten year-old daughter sneaked up behind him. Then she turned and ran into the kitchen, squealing to the rest of the family, “I know Daddy’s password! I know Daddy’s password!”

“What is it? her sister asked eagerly.

Proudly she replied, “Asterix, asterix, asterix, asterix, asterix!”

Human imagination is virtually unlimited and you can invent any super-complicated password to out-smart any hacker. And they say, keep changing your password regularly. So you will need another one, and more, and more… and most likely you will end up inventing the passwords that are very similar and all your efforts will be in vain.

All kinds of data are protected these days, by passwords, sometimes even from oneself. In days gone by, asking cadets for the Password at night at NCC camps used to be an exciting experience.

I hate the very word ‘password’ now. You need a password for practically everything, right from dialling a phone number to operating the bank account. To access an e-mail, a password is a must. Gone are the days when the postman not only delivered the letter, but also read it aloud for the illiterate recipient. Thanks to the Internet culture, letters are becoming a thing of the past.

Just imagine a set of rules for the selection of Passwords:

1. A password must be at least six characters long, and must not contain two occurrences of a character in a row, or a sequence of two or more characters from the alphabet in forward or reverse order. Example: HGQQXP is an invalid password. GFEDCB is an invalid password.

2.  A password may not contain two or more letters in the same position as any previous password. Example: If a previous password was GKPWTZ, then NRPWHS would be invalid because PW occurs in the same position in both passwords.

3. A password may not contain the name of a month or an abbreviation for a month. Example: MARCHBC is an invalid password. VWMARBC is an invalid password.

4. A password may not contain the numeric representation of a month. Therefore, a password containing any number except zero is invalid. Example: WKBH3LG is invalid because it contains the numeric representation for the month of March.

5. A password may not contain any words from any language. Thus, a password may not contain the letters A, or I, or sequences such as AT, ME, or TO because these are all words.

6. A password may not contain sequences of two or more characters which are adjacent to each other on a keyboard in a horizontal, vertical, or diagonal direction. Example: QWERTY is an invalid password. GHNLWT is an invalid password because G and H are horizontally adjacent to each other. HUKWVM is an invalid password because H and U are diagonally adjacent to each other.

7. A password may not contain the name of a person, place, or thing. Example: JOHNBOY is an invalid password.

Because of the complexity of the password selection rules, there is actually only one password which passes all the tests.  To make the selection of this password simpler for the user, it will be distributed to all supervisors.  All users are instructed to obtain this password from his or her supervisor and begin using it immediately. 

The rigmarole of passwords is such that one has to either keep a diary or have a sharp memory. Experts suggest that passwords should be alphanumeric in nature. Here comes in the complication.

The dynamic code (password) for the telephone is only numeric and so is the PIN for the ATM. Even if one tries to have the same code for operating ATM accounts and the telephone, the email needs an alphanumeric one.

It is an embarrassment when you forget the PIN at the ATM. The person behind you in the queue frowns. Some ATMs are without a security guard; you may find the man in the queue trying to ‘guide’ you in recollecting your PIN. Eventually, much more secure things like retina and/or fingerprint scanning will take the place of passwords; until then, we’ll have to make do.

The email does not open because the password you have typed does not exist. The mail from your sweetheart or loved ones remains hidden in the web. No amount of frowns or sulks is going to help. The mail provider asks you to reply to the preset question, like the name of your pet or the maiden name of your mother. You have to memorise the answers.

A password is like a key to your home. If someone steals it, chances are he will use it to steal something else. Electronic door locks too these days require passwords. The list is endless. It is almost completely impossible to remember them all, and most of us end up writing them down (and I don’t need to tell you that writing down passwords is a big security no-no). But what other options do we have when faced with trying to remember all those random strings?

One requires a computerised memory to remember all these details. Once, while cheating in the exams a boy used to carry chits in his pockets. He would also carry an index chit in his shirt pocket to tell him which pocket had the answer to which question. Similarly, the number of passwords is increasing everyday. The time is not far off when one will have to have a password to access the list of passwords in his electronic diary. Try to memorise them by heart. The brain might flash a message — ‘memory is full’.

The interviewer of the computer savvy next generation is likely to ask for the password of the candidate rather than for his name. God forbid that the candidate actually forgets his password! Oops.

13 Responses to “Forgot Password?”

  1. Shruthi Says:

    ROFL!! Great post, Bellur!! :))

    Index chit :)) — this reminds me of something that happened to a friend – it is a true story🙂 She got tired of remembering passwords, and so she put them all in a word file and stored it on her pc. And just to keep it safe, she password-protected it. Of course you can guess what happened. She forgot the password to that file😀

  2. rk Says:

    shruthi: thanks. and your friend’s story is funny too!

  3. travel plaza Says:

    Great post RK. I myself am tired of the 101 passwords I must remember. As if its not enough that I have to remember my own passwords, I have to remember everyones in my family.LOL. They are horrible at remembering stuff…

  4. ari4u Says:

    I hear you. It is so hard to keep track of all passwords for all online accounts. I even need a password to enter my own house (for the burglar alarm system… hehe, that thing is so noisy, only gives you fifteen seconds to enter the password).

    Some high end car manufacturers have replaced the passkey method of entering a car with biometrics; a combination of your fingerprint and voice. They also eliminated the need to use a key to enter and start a car. Add retinal signature to that and it makes a very strong security system, but can be a pain in the wrong place.

    Good post.

  5. coup Says:

    Haha, nice post, but the future could mean a lot of severed fingers and eyes, if criminals want access to something, instead of a password just being blurted out. Well, that’s how it is in Hollywood anyway, and they’re always righT.


  6. Nice thoughts, RK. I keep my password simple, use it across domains and change it once in a year.

  7. rk Says:

    tp: As if its not enough that I have to remember my own passwords, I have to remember everyones in my family. that’s funny! and an added burden, i feel, on an already burdenend shoulders.

    ari: just 15 seconds? too less, i feel. i hate the noise some alarms make. glad you liked the post. keep visiting.🙂

    coup: Hollywood is always right! lol😀
    Just remembered this joke – My kids love going to the Web, and they keep track of their passwords by writing them on Post-it notes.

    I noticed their Disney password was “MickeyMinnieGoofyPluto,” and so I asked why it was so long.

    “Because,” my son explained, “they say it has to have at least four characters.”

    kishor: i suggest you change the passwords more often.😉

  8. Gangadhar Says:

    lol @ joke at the beginning..Me too had this kind of experience…but it’s not from a kid….but from an elder person…heheh..

  9. rk Says:

    Gangadhar: Since it was from an elderly person, it must have been all the more funny!😉

  10. Mridula Says:

    Imagine if we had to type a password to leave a comment! But I am sure that day will never arrive, things are pretty bad as it is🙂

  11. rk Says:

    mridula: welcome to my blog. maybe the number of spams would have been reduced if there were passwords for comments! keep visitng and good luck for your travels.🙂

  12. Sanjay M Says:

    ROFL esp wrt the chit :LOL: Even in my company we have special standards for setting our passwords and have a timeout where we’re forced to change our password every 90 days else a mail is sent to manager!

    Anyway inspite of all these precautions, yahoo accounts are getting hacked nowadays… one of my colleagues wrote this:

    Hi all,

    What happened:
    1. I received an url of pattern “*geocities*” in chat offline message from one of my friends.
    2. I clicked on it … it asked for login credentials. The page was look alike of yahoo – just as any phising site would have. Plus since yahoo hosts geocities I didn’t suspect much.
    3. Next day my login credentials stopped working for my account
    myname@yahoo.co.in and I received a mail in my hotmail id stating that my password for yahoo mail account has been changed. My hotmail account was the alternate account for my yahoo account.

    This way of acquiring sensitive information is called phising:
    http://en.wikipedia.org/wiki/Phishing

    Yeah, I had known phising all the while but sometimes we take things for granted.

    Rahul

    PS:
    1. It is safe to click on that url and have a look on how phising is done. You would be stunned on how the smart guy has managed to give yahoo – lookalike look-and-feel to the website.
    2. You could think of sharing this info with others … hope it helps others from protecting their account.

  13. rk Says:

    Sanjay: I think most of us can relate to that chit incident instantly!😉
    And yes, namma officenallu ide that timeout for passwords! and we need to keep changing pwds.🙂 ninna friend mailalli iro link very informative. thanks.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: