Does anyone remember that cartoon from the 1990’s, Animaniacs?
It was a pretty good cartoon for its short run. One of the segments that they aired was called “Good Idea, Bad Idea”. It was a short clip segment. It would go something like this:
It’s time for another good idea, bad idea. Good idea: giving a small child a balloon. Bad idea: giving a small child a bunch of balloons (and the child then floats away).
It was a humorous segment. And that brings me to advice that computer security experts give. Good idea: using good password policies for all of the sites you visit on the web. Bad idea: using different passwords for every site.
Why do I say this? While we should always use good passwords (like letter/number combinations, nothing obvious like “123456” and “password”), it’s completely unrealistic to have different passwords for every site if you have a very wide reach on the web. Consider myself:
- I have an online bank account from back in Canada
- I have another online bank account (which I opened when I moved to the United States)
- I have a third online bank account
- And I opened up a fourth online bank account! In truth, I did this to get the free $100 for opening an account, but now that it’s open I think it’s kind of convenient to have since the bank is not local
- I have an online trading account
- I have an online retirement account from back in Canada
- I have an online retirement account when I moved to the United States
- I have a Facebook account
- I have a Twitter account
- I have Yahoo, Gmail and Hotmail accounts
- I have a login to my work computer
- I have a login to my Mac computer at home
- I have logins to two or three discussion boards which I participate in every once in a blue moon
- I have logins to a couple of websites (including this one) on which I write articles
- I have logins to a bunch of bill payment sites like electricity, rent and car insurance
- I have logins to online websites which I use to buy things
In total, I must have close to thirty different sites at which I login to. How in the heck am I supposed to remember 30 different usernames and passwords? On at least 1/3 of these sites, I have forgotten the password and I have to reset it nearly every single time I return to the site because I login maybe once a month. It’s so frustrating! I know that using different passwords is good advice, but how realistic is it? Humans cannot remember that many different combinations of things without resorting to some memory tricks. Even then, it is still difficult.
There must be a better way.