Skip

"Your password cannot be a personal statement."
August 24, 2012 6:06 AM   Subscribe


 
Now you've gone and made me chuckle on the subway.
posted by Salvor Hardin at 6:15 AM on August 24, 2012


Where's the infuriatingly unreadable CAPTCHA?
posted by deathpanels at 6:15 AM on August 24, 2012 [12 favorites]


Sadly, after two minutes of excited google searching, I can report that in reality there is no website that allows you to compare two horse photos on the quality of their horsey-ness.

I r disappoint.
posted by midmarch snowman at 6:25 AM on August 24, 2012 [9 favorites]


Agreed. Needs more horrible captcha

-ǝɯos annerke. Screw you, captcha.
posted by specialagentwebb at 6:27 AM on August 24, 2012 [3 favorites]


Your password must contain at least one Unicode character from 3 different non-Latin alphabets or iconographies.

Your password must include at least one inappropriate gesture and one guttural throat sound.
posted by Salvor Hardin at 6:28 AM on August 24, 2012 [8 favorites]


Your password must not summon Great Cthulhu or any Old One.
posted by ROU_Xenophobe at 6:34 AM on August 24, 2012 [8 favorites]


Your password must not follow any predictable pattern.
posted by ceribus peribus at 6:36 AM on August 24, 2012


Your password must not reference any events you have personally witnessed.
posted by beaucoupkevin at 6:39 AM on August 24, 2012


Your password must be a closely guarded personal secret.
posted by The Whelk at 6:39 AM on August 24, 2012


Your password must be impossible to remember.
posted by notme at 6:40 AM on August 24, 2012 [3 favorites]


Man, now everyone will know my password is Godayeheporkropeheyadog.
posted by drezdn at 6:41 AM on August 24, 2012 [1 favorite]


Your password must not be something you would use as a password just to get past a password reset check.
posted by zombieflanders at 6:42 AM on August 24, 2012


For complete security, please do not type your password in the provided field.
posted by Thorzdad at 6:43 AM on August 24, 2012 [9 favorites]


Your password must be impossible to type on a standard keyboard.
posted by Malor at 6:44 AM on August 24, 2012 [1 favorite]


For best security, your password must look like a dog's breakfast, but not your dog's breakfast.
posted by weapons-grade pandemonium at 6:44 AM on August 24, 2012 [3 favorites]


Your password may not contain the following characters: 8,=,D
posted by explosion at 6:47 AM on August 24, 2012 [2 favorites]


You guys are making this way too difficult. Here's a foolproof way to create a password that will satisfy nearly every inane password rule.

1) Find a child.
2) Go into that child's room, where s/he is happily playing with blocks (you know, the ones like this).
3) Kick over the child's blocks.
4) When child starts to cry, mock the child for not understanding your password woes.
5) Use the random string of kicked-over numbers and letters to create your password.

Easy peasy!
posted by phunniemee at 6:49 AM on August 24, 2012 [3 favorites]


Your password must be the mind-killer.
Your password must be the little-death that brings total obliteration.
You will face your password.
You will permit it to pass over you and through you.
And when it has gone past you will turn the inner eye to see its path.
Where the password has gone there will be nothing.
Only you will remain.
posted by Lipstick Thespian at 6:49 AM on August 24, 2012 [16 favorites]


Your password must be drawn with a very fine camelhair brush.
posted by carter at 6:49 AM on August 24, 2012 [3 favorites]


Now that you've created an impossible-to-remember password, you should write it on a Post-it note and stick it to your cubicle wall.
posted by bondcliff at 6:56 AM on August 24, 2012 [5 favorites]


Your favourite password sucks.
posted by alex.dudley at 6:56 AM on August 24, 2012


First, a password must be magical,
Then musical as a seagull.
It must be a brightness moving
And hold secret a bird’s flowering
It must be slender as a bell,
And it must hold fire as well.
It must have the wisdom of bows
And it must kneel like a rose.
It must be able to hear
The luminance of dove and deer.
It must be able to hide
What it seeks, like a bride.
And over all I would like to hover
God, smiling from the SysAdmin's desk.
posted by drlith at 6:58 AM on August 24, 2012 [3 favorites]


I'm running out of passwords that I can remember.

Thank god I have a plethora of colorful language to use.

My first job, the @#$# boss asked me what was my password as I was let go. So I told him.

"youreanasshole"
posted by stormpooper at 6:59 AM on August 24, 2012 [1 favorite]


Please enter the words appearing on the following Langford basilisk.
posted by ROU_Xenophobe at 7:01 AM on August 24, 2012 [1 favorite]


I changed all my passwords to "correcthorsebatterystaple" because I heard online that's the most secure password ever.
posted by caution live frogs at 7:01 AM on August 24, 2012 [8 favorites]


I am particularly fond of sites that also have baroque rules for usernames.
posted by jeather at 7:02 AM on August 24, 2012


PS: Anyone here know why my bank account reads "Balance: $0" all of a sudden? Because, hey that's weird
posted by caution live frogs at 7:03 AM on August 24, 2012 [1 favorite]




I had to think up a password recently for a government passport-thingy. There was the usual alphabet soup nonsense about numbers and capital letters and hashmarks, but the thing that caught my attention was the length requirements: 8 or more characters, bus less than 12.

Interestingly, civilian password cacking hits a wall at about 8 characters. I think the DHS just told me what the crackable-in-the-lifetime-of-the-universe length is for non-civilian actors is as well.
posted by bonehead at 7:08 AM on August 24, 2012


Please provide the following information in addition to your new password:
  • username
  • old password
  • full name including title, DOB, address, and SSN
  • home, work, and cell phone number(s)
  • answers to three of the personal questions from the list provided
  • web email addresses
  • facebook, twitter, and linked.in identities
  • a completed copy of the attached consumer profile survey
    This information will be used for future account verification purposes only and will not in any way be sold to advertisers unless we have an established business relationship selling them personal information about our users.

  • posted by ceribus peribus at 7:26 AM on August 24, 2012 [2 favorites]


    Should have ended with the password being accepted but then she has to sign in and she realizes she's forgotten it already cause its such a long string of nonsense.
    posted by nathancaswell at 7:38 AM on August 24, 2012 [6 favorites]


    I usually just use my last name, plus my date of birth and the last four digits of my social security number. Lee06288268. Because June 28 is my birthday and my SSN is 243-52-8268. If it's one of those sites that requires a special character, like my Citizens Savings Bank account, I add an exclamation point to the end: Lee06288268! These are very easy for me to remember, without writing them down, but would be impossible for someone to guess, any more than they would be able to guess that I keep the key to my house at 4306 St. Martin Blvd. in Tallahassee underneath the square-ish shaped rock right by the front step, or that I'm never home between 5:30 - 7:30 on Wednesdays because of backgammon club.
    posted by Cookiebastard at 7:42 AM on August 24, 2012 [5 favorites]


    Oh, and your new password will take up to 24 hours to change on all systems. Three consecutive login failures due to bad password will lock your account.
    posted by ceribus peribus at 7:45 AM on August 24, 2012 [1 favorite]


    I changed all my passwords to "correcthorsebatterystaple" because I heard online that's the most secure password ever.

    heh
    posted by neroli at 7:46 AM on August 24, 2012 [2 favorites]


    As far as bad password policies.... yeah, I've been there before. Also note that in that example, the user wasn't allowed to use any of his/her last thirty-two passwords.
    posted by specialagentwebb at 7:47 AM on August 24, 2012


    The joke just keeps getting more and more absurd!
    posted by jeremy b at 7:59 AM on August 24, 2012


    Your password must be of a complexity so unhackable that it grossly outweighs the trivialness of the site you are attempting to access.
    posted by marsha56 at 8:05 AM on August 24, 2012 [5 favorites]


    Your password must be between 7 and 8 characters, noninclusive.
    posted by Foosnark at 8:14 AM on August 24, 2012 [1 favorite]


    My biggest pet peeves:

    When the site rejects passwords like: aApqUALHMThYWTfKCBFgud4cB9t6ULmFRjDk7YiEGEXPwka3mT for not being complex enough.

    And more so when they disable the paste (via poor javascript) making it annoying for me to paste my nice password manager passwords in. There was a site recently who did that, except in their js, they just checked for 'V' and denied that key. So you were typing a password into a dotted field and it silently ignored the 'V' key. Hah! That screwed up people when they tried to log in.
    posted by cschneid at 8:16 AM on August 24, 2012 [2 favorites]


    Your password must evoke the laughter of children on a warm summer afternoon as they swing out on a rope over the lake when I was thirteen years old.
    posted by Horace Rumpole at 8:17 AM on August 24, 2012 [5 favorites]


    Cookiebastard: "4306 St. Martin Blvd. in Tallahassee"

    I was all set to drive by on my lunch break to see if I could join your backgammon club, but then realized there's no such place. Did you mean Martin St?
    posted by alex.dudley at 8:17 AM on August 24, 2012


    Your password must be over 42 inches high.
    posted by swift at 8:58 AM on August 24, 2012


    Where's the infuriatingly unreadable CAPTCHA?
    This is the absolute worst thing about some sites. It's especially obnoxious when I forget what password I used for one of my GMail accounts, so I begin to cycle through them, and I get Google's unreadable CAPTCHA. Every time this happens, I usually wind up yelling about three tries in: "I CAN'T FUCKING READ THIS SHIT".

    That CAPTCHA system where you're supposedly transcribing words from a book are terrible now, too. They used to be pretty simple, but now I have to cycle through them several times to get one I can read or actually type out (I cannot type Chinese characters!). I almost always get garbled messes of ink.
    posted by Redfield at 9:06 AM on August 24, 2012


    bondcliff: Now that you've created an impossible-to-remember password, you should write it on a Post-it note and stick it to your cubicle wall.
    Actually... substitute "in your wallet", and I'll agree.

    Unless your password involves a security clearance, in which case you would be violating strict guidelines, enforceable with jail time.
    cschneid: There was a site recently who did that, except in their js, they just checked for 'V' and denied that key. So you were typing a password into a dotted field and it silently ignored the 'V' key. Hah! That screwed up people when they tried to log in.
    Someone should hang for that. Or at least have their hard drives swept clean - what are the odds that asshat backs up?
    posted by IAmBroom at 9:44 AM on August 24, 2012


    I have eaten
    the password
    that was in
    the password field

    with which
    you were probably
    hoping
    to log in

    Forgive me
    it was delicious
    so many non-alphabetical characters
    and so cold
    posted by feckless at 10:14 AM on August 24, 2012 [4 favorites]


    I'm too lazy to do a take on "Modern major general" about passwords but I think it would work well too.
    posted by phearlez at 11:08 AM on August 24, 2012


    The making of passwords is a difficult matter
    It isn't just one of your holiday games
    You may think at first I'm as mad as a hatter
    When I tell you your password must not be your name!
    posted by dnash at 1:01 PM on August 24, 2012


    Passwords are hard, and there's absolutely no way to win with current systems.

    Even if a site does everything right, their data is at risk if a user re-uses their password somewhere else.

    Even if a user does everything right, their data on each individual site ist at risk if that site has poor security.

    Real user don't (can't) effectively use a new password on every new site they visit, and even established, sophisticated companies like LinkedIn, Yahoo, Sony, Plenty of Fish, eHarmony, Blizzard, and more have suffered breaches in the past year or so. The status quo sucks.

    [self-link] Mozilla is working on an open, distributed, and decentralized identity system called Persona that completely replaces per-site passwords, but it won't enter beta until next month. Still, Mozilla and its volunteer community are actively working on making the situation better, without forcing users to give up their privacy. There is hope. For developers, there's more info on MDN, or feel free to mefi-mail me with questions.
    posted by SemiSophos at 1:36 PM on August 24, 2012


    Eight-character password?

    CatwomanBullwinkleBarneyfifeJamesbondBifftannenSpongebobWalterwhiteMaebyfünke

    (it the ü that makes it extra secure)
    posted by oneswellfoop at 3:37 PM on August 24, 2012 [1 favorite]


    I like having alphabet-soup passwords that I can remember with my fingers, but not with my brain. Spelling the password is difficult for me, but I can put my hands on the keyboard and tap it out with no problem.
    posted by Countess Elena at 9:27 AM on August 25, 2012


    I especially like the ones that require a dense page of data entry with an unreadable captcha at the very end that clears all the fields when you get it wrong.
    posted by Enron Hubbard at 10:06 AM on August 25, 2012 [1 favorite]


    If I could get one neural upgrade, it would be 100k of secure, reliable memory inside my head for passwords, birthdays, addresses and so on. Find some way to get electricity from ATP...

    Anyhow, failing that, I like the idea of leveraging something you already know. "Jpgr+Jlkj!" is tricky enough to guess, pretty hard to bruteforce, but easy enough to remember if you already know the members of the Beatles and Black Album-era Metallica. For extra security make it the members of your high school band. First and last letters of the names of Qin dynasty emperors? Almost everyone knows something well which can be easily converted into an inscrutable form.
    posted by Wrinkled Stumpskin at 12:09 AM on August 26, 2012 [1 favorite]


    Almost everyone knows something well which can be easily converted into an inscrutable form.

    The problem is not remembering the answer. It's remembering what the question was in the first place.
    posted by drlith at 11:18 AM on August 26, 2012


    Ugh. I just had to come here to complain, because I just had to change my password because it expired. This is a site for applying for jobs at one institution. The password has to be both upper and lower case, plus numerals, and must be more than 8 characters long. and it apparently expires every month. There were only one or two job openings at this institution worth applying for in the past month.

    And say someone did guess my password, what can they do then:
    1) Apply for jobs on my behalf. So nefarious
    2) Get access to all the personal information ON MY RESUME that I've given to hundreds of people.
    posted by RobotHero at 10:26 AM on August 27, 2012


    « Older The Count Is Down   |   The bosses with the antennas on tap. Newer »


    This thread has been archived and is closed to new comments



    Post