Wednesday, February 28, 2007

InSecurity

Between the TSA "3oz baggie" and "improved online security measures" I've just about had it with being safer and more secure. I'm willing to take the risk that the vast majority of people on my plane just want to get where they're going while acknowledging there's some inherent risk in air travel (less risk than for driving actually - see disney post below for example of my recent near miss) than fly without my first aid kit and extra water bottle from home. I would rather have someone steal $30, or even $300, out of my checking account than have to answer "who was your first grade teacher?" to be allowed to get at my money.

If you ever want to get into my N.etB.ank account and they ask you the "security" question, "What is your biggest pet peeve?"(*) the answer is no longer "homophones", it is "security". There's no harm in me telling you all this because I have to write down the answers to these questions very specifically and keep the whole list both at home and work. I tried being vague but I can't decrypt my notes in the three trials I get before they disable my account. So now, my account is LESS secure because anyone rifling through my desk looking for this information will find it. I do a bit of cryptography on the actual passwords themselves, but sometimes I screw up and write it out wholesale. The security enforcers tell you not to write down your passwords, but I did so just before moving to make sure I wouldn't lose access to anything and was a little surprised to find I have 50 usernames and passwords on semi-regular rotation. I'm sorry, but I just can't remember that many passwords AND usernames! So I have to write them down, which means I'm now less secure.

I did give Ne.tba.nk the feedback that they should only ask the security questions if you're moving a vast percentage or a predetermined sum of your money because I always get stuck on the damn things when I just want to toss off a $30 check to pay the utilities or something. And I'm doubly screwed because the more often you log in, the less often they ask the security questions but most of my bills are on autopay (thank you N.etban.k for that, at least) so I don't log in very often.

After collecting my various and sundry usernames and passwords for banks, online stores, credit card accounts, blogs and other things where a password is a good idea, I really don't want to log in to read your damn news. "Just register for our site, it's free! Now, pick a password and username..." Um? NO. I would rather not, thank you. I will answer your user profile survey, I will pay a dollar each for my iTunes, but I don't want anymore usernames or passwords, thankyouverymuch.

The new and newer TSA rules I may have to revisit in a future rant because they're useless placebos that makes us measurably less safe. But today, I'm cranky about the "improved" bank security and I'm trying to be at least a little coherent.

--
* Sorry to all of you for whom "excessive use of quotation marks" is your biggest pet peeve.

1 comment:

Unknown said...

I hate it that practically every Web site asks you to log in to do ANYTHING on their site beyond the basics (even news sites!). It's annoying, it's unnecessary, and I'm sick of it.