Nobody seems to think much about passwords. After all, isn’t their purpose obvious? You need one on your bank account so that nobody else can use your money. You need one on your e-mail account so that strangers can’t find out your innermost thoughts.
But I was astonished when my daughter told me that her school has instituted a new security initiative. Student passwords must now be at least eight characters long, must contain letters, numbers and punctuation, and may not incorporate any recognizable English word. And the password must be changed every 30 days.
Can you guess what this password is meant to lock down? The fifth-grade homework-downloading Web page.
That’s right. All of that inconvenience, memorization and hassle is intended to make sure some disturbed maniac doesn’t read this week’s spelling list.
Then there’s the video production company I worked with recently, which hired a new tech guy. The first thing he did was to declare the company’s network to be unsafe. He decided that workers could no longer choose their own passwords; he would supply them. They would be 12 characters long and consist of alphanumeric gibberish, and they would have to be changed every month. He also blocked chat programs, e-mail attachments and YouTube.
They haven’t had any hacker break-ins—of course, they had never had any before, either. But there is a difference. Now the employees watch YouTube videos on their phones, use Gmail to get file attachments and keep their unmemorizable passwords on Post-It notes taped to the monitor. Nice going, Mr. Security.
My point, of course, is that while it’s important to be secure, it’s equally important to ask why—and to consider the trade-off between security and convenience. Obscure and harmless entities sometimes get locked up like Fort Knox, punishing nobody but the legitimate users. (Don’t even get me started on the Transportation Security Administration.) Other entities, such as Sony, Citibank and Lockheed Martin, are apparently not locked up enough. (Their computer systems were all hacked this past spring.)
It is actually possible to devise a system that ensures both security and convenience—if you’re smart. For example, if you reserve a room as a member of Omni Hotels’s Select Guest loyalty program, you can check in just by walking up to the counter and giving your name. They hand over your key and say, “Good evening, [your name here]. Have a great stay.”
They don’t ask for your ID. They don’t say, “May I have your credit card for incidentals?” They don’t tap on their keyboard for five minutes. They don’t ask you any questions. No interrogation of any kind. They have your key waiting, and they just hand it over.
How can they get away with such lax security? Couldn’t some ruffian pose as you, take your key and crawl into the bed in your hotel room?
It’s never happened in the history of the Omni’s Express check-in program. Why not? Because the ruffians don’t know who you are or that you’ve booked a hotel room. And if you ever did arrive and find some evildoer in your bed, you would be able to clear up the confusion pretty quickly by showing your ID.
Here’s another example: When you buy a program from Apple’s online Mac App Store, the program is downloaded and installed on your Mac automatically. You are not prompted for your system password, you don’t click through any installer screens, there’s no warning about software downloaded from the Internet. It’s the height of convenience.
Shouldn’t Apple be more worried about security? No, because it’s done some thinking. It controls both ends of the transaction. It’s not worried about viruses or malware, because it’s providing the software itself. It doesn’t have to ask you if you want to install the software—of course you want to (otherwise, why would you be buying it?).
Whether you’re an administrator, designer or consumer, in other words, it’s worth putting some thought into the security/convenience trade-off. Passwords have their place—but it’s not every place.