Friday, July 23, 2010

Password frenzy

Today I helped the Latino Coalition setup e-mail, change Windows logins and generally get their employees' accounts organized. OMG!

There were three employees and each required a password for their desktop PC, a POP account, and SMTP account. We needed passwords for their e-mail/web hosting service, (to administer the e-mail accounts,) Yahoo! account (to create and then validate their e-mail accounts for sending mail,) and router. To change former Windows user account passwords required knowing the former user account password to change them. The SMTP service required a separate password and non-standard port number; that's like a password too.

Like most of our customers, the 'boss' wanted to know these website URLs, logins and passwords. She was overwhelmed! Who wouldn't be? When we were finished, she had a spreadsheet with six lines and eight columns - just for three employees!

No wonder many of my customers are frustrated to the point of distraction with computer security. What does is get them? Where is the trade-off? What is the upside?

Each of these people probably have personal e-mail accounts, bank accounts, a dozen other services and websites that require logins and PIN codes.

We are being punished by all these passwords! They buy us precious little security and simply don't work.