Photo illustration by Lauren Wood / The Natchez Democrat

Archived Story

PASSWORD PREDICAMENT: Keeping up with passwords can be complicated affair

Published 12:00am Sunday, July 29, 2012

NATCHEZ — For Glen McGlothin, his grandchildren are his inspiration. For Jimmy Allgood, it’s his favorite outdoor destinations. For Bob Buseck, it’s his pets.

Passwords — the oft-forgotten secret handshake that lets people breach their own personal information on the computer — can come from anywhere.

Even when the inspiration comes from a good place, however, the growing complexity and combination of capitalizations and characters can be tough to keep track of, some Miss-Lou residents said.

But the trick to choosing a safe one that sticks is to make it is something only you know about — and know well — local technology industry experts advise.

“It should be obvious with a twist,” said Buseck, the IT director for the City of Vidalia.

With technology transferring work files, orders, banking and social interactions to the Internet, many Miss-Lou residents said juggling several log-ins and passwords can be frustrating.

And with hackers constantly catching up with heightened security, different websites require a variety of levels of complexity, sometimes asking for more “twists” just when the user finally gets their password down.

“(Websites and servers) want to be more secure every day,” said Eric Junkin, the IT director for the City of Natchez.

And more secure often means less easy it is to remember.

“(Password requirements) are getting more complicated,” Junkin said.

Cable One General Manager John Hibbert deals with technology every day on the job.

To access his work files on the computer, the system forces employees to change their passwords every three months.

“It’s kind to hard to keep up with the passwords,” Hibbert said.

To cope, he often uses similar passwords, but with different characters.

“I can kind of manipulate it,” he said.

Hibbert said though he usually knows all his passwords, it’s difficult to remember which one goes with which site.

“If have one or two in my mind. I type one in, and if it doesn’t work, I type in the other one,” Hibbert said.

“It’s kind of a headache.”

Adams County District 1 Supervisor Mike Lazarus said most of his passwords are the same, but they often differ slightly by a character, capitalization or two.

On the chance that a mental system fails and residents have forgotten their passwords, the security questions designed to help can be just as cryptic, some said.

Hibbert said when sites ask him questions to verify a password for extra security or to remind him of his password if he forgets, the questions aren’t always so easy.

“I had one — it asked me for my wife’s maiden name,” Hibbert said. “I’m eliminated from that because I don’t have a spouse.”

Lazarus said he can answer some questions easier than others.

Lazarus was recently checking his son’s bank account and was stumped by a puzzler. The site asked for his son’s favorite song, and Lazarus said he had to admit he didn’t know his son well enough to answer that question.

Systems

To help keep track of it all, Lazarus said he keeps a file with information like that.

Hibbert said he tries to remember it all, but he writes it in a little notebook as a back-up plan.

“I just hope I don’t lose that notebook,” Hibbert said. “It stays with me all the time.”

Even the tech-savvy Buseck uses a pen and paper to remember his passwords, if only momentarily.

Buseck said his trick to helping him remember a new password is to write it down on a piece of paper several times in a row to store it in his visual memory.

What does he do with that paper afterwards?

“I have a shredder,” Buseck said.

Junkin said he keeps an encrypted digital file of his passwords, but he wouldn’t divulge much more information about his secret spot.

For Jimmy Allgood, there’s no special file.

“It’s all in my head,” Allgood said.

McGlothin said he just tries to keep it simple.

I guess I’ve just never worried about it,” McGlothin said. “Maybe I should, but I haven’t.”

The way he sees it, McGlothin doesn’t share super sensitive information while using the Internet.

“I get on this thing (his computer) only when I have to anyway,” he said. “That’s just me.”

But the experts say it often isn’t humans doing the hacking, but machines. The reason some sites require users to retype the squiggly, blurry letters on the screen is to ensure a human is the one at the helm, Junkin said.

“The malicious things are done by machines, not by humans,” Junkin said.

For instance, someone can set a machine to search through e-mails in which the word vacation is used, Junkin said.

“(The machine sorts), so humans can act on it,” he said.

To be safe, Buseck, who used to be in the military, said he recommends choosing passwords that follow the U.S. Department of Defense standards.

Those standards require eight to 16 characters, at least two uppercase letters, two to four numbers and two to four special characters — like a dollar sign.

Junkin said anyone who has experienced the cost and hassle of the loss of a hard drive will likely make the extra effort to type in a tedious password.

“(Your information) is only as secure as you want it to be,” Buseck said.