Well, doh!


For this they needed research?!

A research firm surveyed 325 people and concluded that one-third of them write down their passwords on paper or put them in text files on their computer. I don't know how much the study cost, but I could have given them the same conclusion for half the price. Furthermore, I think they've got it wrong. My guess is that it's more like three-fourths or more that write their passwords down.

This whole password thing has gotten out of hand. Recently, I had to get a new password for one of my investment accounts (I forgot it, and I lost the computer file in which it was recorded), but I had to call back to technical support a second time because in creating my new password, I had neglected to include "at least one symbol such as ( ! @ # $ % ö & * _ + ) ? / â ; : } { | \ = < >."

Of course people write their passwords down! I currently have 61 passwords recorded in my RoboForm files (see sidebar). And that's just the bare minimum and doesn't count all the ones lost when I lost the RoboForm files during a disk reformat!

Every site has a different idea of what a password should be: some insist on letters and numbers; some insist on at least one symbol; some specify a certain length; some require a combination of upper and lower case letters; some prohibit the use of any part of your name, age, or social security number. This cleverly prevents a person from using the same password everywhere, which has the unintended outcome of encouraging — yea, forcing — people to write their passwords down.

Some sites insist that you create a new password every few months. And just for fun, they won't let you use the same password more than once. My health insurance site insists that I have a new password every six months. Since I sign on only every two or three months, there's no opportunity to practice it even if I wanted to. All they've got are records of the bills they've paid — or not, as the case may be — and my prescription orders.

On the other hand, I've used the same pin number at my bank since the day I opened the account nearly 20 years ago. All they've got is my money! You guess, Which do I worry about more?

Of course no one wants some stranger poking around in their online information. On the other hand, this obsession with passwords is terribly futile when so many government offices, banks, brokers, and credit card companies keep losing tapes and laptops with hundreds of thousands of personal identification data on them.