Your Embarrassing Habit: Passwords

Jan. 25, 2013 - PRLog -- Last year, Mat Buchanan proposed a holiday to call you out on of the embarrassing things you do when you’re alone. The idea was ‘Change Your Password Day’, and the goal was to convince your friends to guilt you into security best practices.

Even though the event wasn’t a huge success, the idea brings up an interesting question: Why would we need to be peer pressured into keeping our stuff safe?

The answer is that we almost always use our computers alone. Think about the last time someone was watching over your shoulder while you did something on your computer. For me, I always feel like I’m moving more clumsily and that I forget how to do simple things. I don’t normally suffer from stage fright, but when it comes to how I use a computer, I’m just not used to having someone else watching.

Passwords take that up another level. I know that I’m supposed to be making safe passwords that are unique for each website, and that I’m supposed to change them all the time and never write them down, but I have accounts at literally 1000 web sites. It is simply not possible for me to remember that much, especially because I only use a much smaller subset regularly. Instead, I use predictable passwords so that when I go back to a website, I’ll be able to figure out the password again.

Luckily for me, no one else is allowed to know this! My password is secret, so my bad habits aren’t something that anyone else can know or criticize me for (until now).

This means that social pressure, where all of my friends are talking about doing the “right thing” is going to have some impact. I’m ashamed of the way I handle my passwords, and having people around me revealing that they do this private thing better is a good way to make me take action.

And now we’ve arrived at the primary approach to getting users to act more securely online: shame them! (Have you ever tried to make one of these bars go to the top? It’s frequently hilarious.)

It’s unsurprising that users and sites both hate beefing up their security. Users don’t want a guilt trip to making their lives harder, and sites know it’s scaring their users away.  Change Your Password Day is a symptom of a security industry that can’t figure out how to make its case in a way that makes the customer feel the added value.

That’s why we’re proposing Ditch Your Password day to raise awareness of all of the awesome technologies that are working to get rid of passwords entirely. We’re, of course, really proud of how Clef does this, but there are other awesome projects like Mozilla Persona and PixelPin that have the same goal.

What do you say? Are you ready to Ditch Your Password? For more updates, you should Follow us on Twitter (http://twitter.com/clef_io) or visit https://clef.io.