Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Hackers can help themselves to whatever they want – just save me from the tedium of the digital security hellscape
You probably haven’t heard of NIST, the National Institute of Standards and Technology, in the United States, and thus probably don’t know that every few months this agency of the US Department of Commerce – with its mission to promote American innovation and industrial competitiveness – issues guidelines on passwords.
It’s aimed at businesses who engage with the US government and because they wish to comply and maintain their contracts, they wait breathlessly for these updates.
And this month came a little spanking on the subject. “Favour length over complexity,” was the diktat. In other words, “stop bolting on special characters”.
The agency can see that employees are getting bogged down with their secret codes, especially those in organisations that demand staff change their passwords every few months.
The thought of which drives me to the edge of Beachy Head. Indeed, I know that there are UK firms that insist on this. And if I worked for such a company, I can tell you that faced with such a request I wouldn’t bother to resign; I’d just set fire to myself.
Because password lunacy is now beyond Bedlam. And I’d like NIST to issue guidance that just said, “forget the passwords, lads, there’s nothing to see here anyway.”
Which is the case for most of the stuff I use that demands a password: eBay, X, Instagram, Peloton, EasyJet, TicketTailor, Trainline, Netflix and so on, eternally. Honestly, you can all help yourself to that stuff, I don’t care. I would rather risk the danger that might come into my life if someone logged into my booking.com account than have to grapple with whatever the hell my password is.
Each month, my accountants send me an email with some payment details. I click on the attachment and, of course, it’s password protected. And for some reason, like the fact that I’m human, I can never remember it. It was set up by my accountants so I search my emails in vain for correspondence on the subject. Then I have to ask them what the password is and they think I’m half-witted and are, of course, reluctant to send it over email because that would defeat the object.
And because I then have to engage in some fresh hell that’s called a two-step verification process, I moan and ask why there is a need for a password in the first place and they bleat about data protection. Then, I wonder about the hacker who gets into my email and scours my messages to find out what my PAYE is for the fourth quarter of 2024.
Honestly, they’re welcome to the intel. And when they’re in there, perhaps they can tell me what the figure is as, obviously, I can’t access the documents.
Some of us write our passwords down in a little book, others in “Notes” on our phone, or we might have some clever pattern involved which enables us to remember the wretched things.
And while the facial recognition innovation of an iPhone in place of a password is nothing short of genius, my iPhone doesn’t recognise me when I’ve got a hangover. Which makes the stress of getting through the train barriers the morning after almost too much to bear. It’s me, I tell my phone, trying to access my ticket. I can almost hear Siri tutting mournfully.
All of our passwords are fruitless anyway, in the face of a tech incursion. As we learned with Kia this week, hackers can gain control of your car via your phone (while I can’t even gain control of my phone), so it’s obvious our passwords are deficient.
Let’s leave our virtual doors open because the hackers of the world might be more alarmed at what they find rather than gleeful at the treasure. My brother once had his car broken into and the thieves stole all his CDs. Well, all of them except the ones by the Pet Shop Boys; the insult and trauma of which he duly informed the rather bemused police.