Saturday, May 5, 2012

Too Secure?

What’s The Point?

Friday was bill paying day. I like that. I like that I can pay my bills and do my part to keep the economy healthy and vibrant. At the rate the republicans keep cutting my social security, that is getting harder and harder to do. But for today, I am secure for another month.

Security is a good feeling when it is real. A lot of the security measures these days are just a facade to give people the impression that they are being protected.

Most of us know that airport security is simply an insulting exercise in futility, but what about the internet? Are we really protected because we have dutifully created passwords we can’t possibly remember? I think not.

Friday was bill paying day. Nearly every bill I pay has printed a reminder that it would be so much easier for me if I paid my bill online. (You probably know where this diatribe is going, but I will try to make my fulminations informative and possibly amusing.)

One of the bills I paid today was the registration for the Buick. I paid it online last year, and it was convenient. I figured I was familiar with the process, having succeeded at it just 12 months ago. I typed in the address for the DMV.

I reached a page I didn’t remember seeing last year. It had lots of pastel colored areas and graphics like a rotary club website, and there was even a box for a member name and password. What the heck? I was expected to ‘log in’ to the DMV website!

I typed in my name and a password and got denied entrance to the “DMV Club” or what ever this stuff was. There was a thing to click if I forgot my password or username. I clicked it and got a page with a lengthy form to fill out that included my CDL, CDL issue date, last four digits of my SS number, 2 security questions, and a host of other stuff that is required to get into the club.

After I submitted that data, and they sent back the form with blank spots where I was supposed to fill in something different, I went searching for the ‘contact support’ address. After scrolling through menus of mostly useless information, I finally located the support link. I let them know that their new security measures were very effective at preventing me from paying my registration fee online.

I think online government sites should look more official than Facebook, online dating services, or Amazon. They don’t need to attract customers with a catchy website design, they need to provide easy access to services, period.

I went back to the DMV ‘home page’ and searched for another way to get in, so I could pay my registration fee. Some of you know that I am likely to spend more time examining the workings and design of websites that most people, and I can generally navigate poorly designed and overly complex pages if I take the time to turn over every rock and leaf until I find what I am looking for.

Sure enough, there is a way to get around all the social website foolishness and go directly to the place where one can pay for registration. This way did not ask for passwords, names of best friends in elementary school, square root of the expiration date of my CDL, or any of those time wasting, frustrating, pointless security features and secret signs that had been preventing me from buying my new sticker. Only the license number and 5 digits of the VIN, and up popped a page describing my car, the amount due, and method of payment. I paid the fee and printed the receipt.

In the course of a few years of blogging, posting pictures, uploading videos, designing websites, subscribing to newspapers, magazines, blogs and websites, I probably have a dozen usernames, passwords for at least fifty sites, plus all the stuff to secure my computers and Apple accounts. For a couple of years I used the same password for everything except banking and Apple, that worked fine until my bank was one of several financial entities that were persuaded to farm out their security to some wizbang, hot-shot, commercial enterprise in Atlanta.

As you may already know, that company’s security was as porous as a sieve and they managed to leak all the data they were supposed to be securing. I was notified by my bank immediately and was advised to change my password for my account. I did. I also found several other sites that I used, that had also farmed out their security to the Atlanta company. So, I changed those passwords. Soon I found myself in an endless guessing game of what password did I use where?

When you forget your password, you must go through a process where you end up making a new password. This happens occasionally to me, and after a year or two, the passwords have accumulated and been discarded to the point where I am now casting about on a sea of password flotsam, hoping to fetch the correct one out of the debris, each time a site asks for my password.

There are some sites that getting past their password protection was so bothersome, that I have done one of two things;

  • Never went back to that site again, or
  • Signed up again as a new account

Now, if I can remember my password to get a video for tonight, here is...

Today’s Video;

The Secret Word Is...

No comments: