I know it’s unconventional to plead mitigating circumstances, but I know that I’m on the ‘naughty’ list and I know why.
I wrote a password down. There, I’ve said it.
I know that I shouldn’t have done this but really, what do you expect? My brain is getting old and at the last count I had 243 unique passwords. This new one makes it 244. In order to stay on the ‘nice’ list I know my passwords have to be unique per site, long, complex and (as I covered in Christmas blog a couple of years ago) something that has never been used by anyone else as a password for anything, ever. That makes my 243 passwords very difficult to remember. 244 is just one too many.
But, given that painful transparency is all the rage, that is not the limit of my naughtiness.
Password 244 is for…wait for it, a password manager. What an age we live in! I can now have one password instead of hundreds. I remember the one password and then magic computers in the ‘cloud’ remember all the rest. I can continue my headlong charge to senility with only a single care in the world, my one master password. Obviously, that needs to be a good one because if I forget it, that’s 243 times I have to press ‘forgot password’ and frankly Santa, who has the time for that?
Unfortunately, the day after I setup my new password manager, I had an email from LastPass to tell me they had been hacked, again. That’s quite the oopsie. I mean of all the words you don’t want to hear when talking about a hack, ‘again’ has to be pretty close to the top of the list.
Now LastPass were very encouraging in this email, noting that that ‘an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information. Our customers’ passwords remain safely encrypted.’
Oh goody. My passwords are safe but my credit card and other personal details may be at risk. I feel so reassured.
So Santa, I did what any other ‘nice’ individual would do. I deleted my password manager account and changed my other 243 passwords. It took a while but I have a new strategy I call ‘learning from the best!’
You see, my bank is obsessive about security. They don’t trust anyone at all. They won’t work with Google Pay or Apple Pay or any insecure nonsense like that. They have their own app and they update it with new security measures at least once a month. These guys must really know what they are doing. What I’ve noticed is that when I want money from said bank, I can get it from a hole in the wall using a 4 digit numeric code. That’s so much easier than all these long and complex passwords. I know that’s limited to about £300 a day, but who has more than £300 any more?
I suppose, seeing as I’m learning from the best I should really look at the bank app. That would let me transfer loads of money. To a numbered Swiss account if I really wanted. They must use something super secure, like say a laser scan of my eyeball! Hmm, apparently not. The security required to login and then transfer all the money (I used to have but have now spent on electricity and petrol) is wait for it…. A five digit numeric passcode! This is life changing!
Now I can create my passwords automatically in Excel like this
Anyway Santa, sorry to go on for so long. I know I was naughty writing a password down but now you know why, and how I’ve learnt from my mistake. Hopefully that gets me onto the ‘nice’ list, and you are now open to requests.
If so, what I’d really like for Christmas is for everyone to stop using complex and difficult passwords and instead follow my banks lead in adopting 5-digit numeric codes as the pinnacle of cyber security. Because if they do, I can probably make myself rich enough to afford all the electricity and petrol I want.
Giles Letheren, Chief Executive Officer