SAN FRANCISCO – Losing Web site passwords causes more aggravation than misplacing car keys according to one recent survey, while creating an easy, secure password management system continues to elude most Internet users, experts warned.
“In our new digital lifestyles, our frustrations are increasing as we constantly juggle multiple passwords for everything from photo sharing apps and Facebook to shopping sites and email,” said Barry Scott, chief technology officer for unified identity management firm Centrify, which commissioned the survey of 1,000 United Kingdom consumers.
“According to our survey, over a quarter of us now enter a password online more than ten times a day – that could be as much as 4,000 times a year,” said Scott in an article published in The Telegraph. “We’re told not to write them down or use the same one, so it’s becoming really tough to stay in control of our passwords and remember them all.”
Hunter Milo, 36, a pharmacist and Berkeley resident, said he can relate to such frustration.
“Managing my passwords is a major source of tech angst,” said Milo. “Because I use my passwords throughout the day, I keep them on me throughout the day, scribbled on a tattered sheet of paper wadded up in my wallet.”
Milo said he has yet to find a better password management system, although he admitted he needs one to keep his access codes secure.
“I need my passwords at least as much as I need my driver’s license and credit cards, even though they’re all important,” said Milo. “Hopefully some jerk doesn’t get hold of my wallet, because if he does he’ll have everything he needs, and I’m screwed.”
Troy Hunt, Internet security developer, said that in an era of widespread security breaches, finding an effective password management system continues to boggle consumers.
“I cringe at the thought of getting hacked, and I also cringe at the thought of taking the time and mental energy to do a complete overhaul of my favorite passwords,” said Hunt on his blog. “If you happen to have a system in place to manage your unique, random, unbreakable passwords, then my hat’s off to you. According to some estimates, you are among a well-protected 8 percent of users who do not reuse passwords.”
For 92 percent of the population, however, finding a password management system that satisfies security protocols and remains user-friendly is a challenge.
Experts said other options include a password generator, offered by offline programs and Web sites. They said software applications such as LastPass or Dashlane store passwords on computer browsers that users can access for Web sites as needed, but they warned such services still could be compromised.
Tech writer Dennis O’Reilly suggested users create complex passwords they can also remember, so there is no written record of access codes.
According to O’Reilly’s blog, a personal and meaningful phrase such as ‘I hope the Giants will win the World Series in 2016!’ can be modified by taking the initials of each word, numbers and symbols to create a strong password, ‘IhtGwwtWSi2016!’
Finally, Hunt offered a high-tech equivalent to Milo’s low-tech pen-and-paper password approach. He said an Internet user can store passwords on a Word document that requires a one-time password in order to open, which the user can remember in order to access the file that lists his other access codes.
Milo decided to pursue the suggestion.
“I finally traded in my crumpled sheet of paper for a 21st century solution,” said Milo. “I’m told a hacker could still ‘ghost’ my keyboard for the one-time password I created to protect my password doc, but I’m not keeping any national security secrets, so I’ll take the risk.”
Milo said his one-time password is based on his favorite William Gibson novel, Spook Country, the plot of which involves the intersecting tales of three protagonists: Hollis Henry, a musician-turned-journalist researching a story on locative art; Tito, a young Cuban-Chinese operative whose family is employed by a renegade ex-CIA agent; and Milgrim, a drug-addled translator who is held captive by a strangely authoritarian and secretive man.
“To me, the novel represents the struggle of the post-9-11 United States to find meaning and relevance in a world quickly changing in the aftermath of the Cold War,” said Milo. “In the same way, the novel reminds me of the redundancy and irrelevance of the password system itself. I hope someday we live in a more transparent, unified and wired planet where managing passwords is no longer an annoying issue.”
Sara Blake, Feb. 27, 2016