Friday, November 14, 2008

None Shall Pass

And the oppression continues – all in the name of security. The terrorists, and all bad people in general, are winning. We, the humble, good-hearted, decent citizens of the world are shackled by restrictions set forth by the paranoid rule makers, who are not so much concerned with our security or well being, so they may affirm, as they are girding themselves from being stolen from or criticized or sued. From the shaming personal space probing interrogation at airports to the infuriating blow-torch-requiring cd and dvd unwrapping struggle, our lives have become a battered polished ball in a pinball game of fear and absurdity. Woe is the talisman of abstract paranoia amidst a retention pond of wrangling. Do not heed the presage of byzantine scallywags set forth for foraging - forsaken, forlorn and formidable. Let oysters reel in a gouge of contempt. The plain obscured. Among the flippers, bumpers, plungers and slingshots are the passwords required to access the ever growing colossus of essential on-line systems in our lives – email, consumer accounts, chat rooms, CIA backdoor entrances, sex offender registrations, job related systems, bank account access, personal web sites, proprietary plastic surgery landscaping options, address databases, private blogs, education sites, and the rest, here ON GILLIGAN’S ISLAAAAAAAAAAANNNNND. Apparently we each have a lot of information to protect from the groping eyes of others.

The Doctrine of Cool deems no use for passwords. If xe is cool, xe will not peep the skivvies of others unless said peeping be permitted by the skivvy bearer. Since the Doctrine of Cool has not yet manifested itself in concrete form, it has no bearing here. Why even bring it up? I’ll tell you why, because I’m slowly writing the Doctrine of Cool in snippets strewn about the Internet, which I eventually will compile and publish while lounging on my death bed.

I don’t know the vast history of passwords. I can only speak to my experience. Passwords began as simple words or phrases that were memorable to the user, like booger. Everything was wonderful – the users’ information was protected by booger. Eventually the assholic principle of entropy kicked in, (Inconvenience = Number of Assholes times Time divided by the Steady State of Wonderfulness, or I = NA*T/SSW) when assholes throughout the world had enough time to figure out people’s passwords. This drove paranoid rule makers to invent the mandatory periodic password change. The assholes caught up quickly so we had to create more intricate passwords, like booger1, and change them constantly like a newborn after eating a pureed burrito. This pattern spiraled out of control, degrading the meaningful password generation process to a banshee of incommode.

Recently, I was instructed by the words on my computer monitor to change the password I have for a system I pretend to work on at by job. Since this is the month of November, I changed my password from booger1008 to booger1108. In response to my attempt, the words on my monitor screamed, “I THINK NOT!” I was provided a list of password creating rules to which I must adhere, else not be able to fake work in a convincing manner. Below are the rules of my password bondage:

Your password must:

have at least 8 character(s)!

not be longer than 12 characters!

have upper and lower case characters!

have no more than 8 upper-case letter(s)!

have no more than 8 lower-case letter(s)!

have at least 2 letter(s)!

have a leading letter!

have at least 1 digit(s)!

not contain a dictionary word!

not contain an exact dictionary word match!

not be your username!

not be your username backwards!

not contain your username!

not contain your username backwards!

not be your username with the letters rearranged!

not be an old password!

have no more than 1 pair(s) of repeating characters!

not have 3 occurences of the same character!

not contain three or more consecutive characters from the login ID!

I fell asleep three times while reading the list. When I finally got through it, I tried using “Joshua” as my new password, hoping the security programmers were fans of War Games and let that one go, on a lark. Nope. They’re probably Short Circuit fans. Losers. In order to come up with a valid password, I had to take off my socks, haul out my abacus and dig up my alphabetic See ‘n Say. I still couldn’t come up with a valid password. They were kind enough to offer some suggestions, like k#D9i_p&. Ordinarily, I would have thought, there’s no way I’m going to remember that! Luckily, I was drunk last week and got k#D9i_p& tattooed on the ball of my foot. That’s fine for this month, but what about next month, when I’ll have to change the password again? I can’t keep getting drunk and getting tattooed. Or can I? Naaaah.

As convoluted as these password rules are, there are some interesting features. It’s basically a behavior study in people’s password choosing habits. Nobody likes coming up with new passwords, especially in this Nurse Ratched environment of security, so they’ll take as may shortcuts as possible – reusing words, respelling words, using the username, repeating the same letter (ffffffffffff), etc. I am proud of this outpouring of laziness. It’s good to know I am not the only one. Also, why is there an exclamation point after each rule? Are they yelling at me? Did somebody in the password rule meeting think, “We better put an exclamation point at the end of each one so they know we mean business!”? I guess the suggestion to place “It better fuckin’” in front of each rule (as in “It better fuckin’ not contain a dictionary word!”) didn’t make the cut. Speaking of the dictionary word rule, the words, “I”, “a”, “an”, “it”, “in”, “me” and others are all in the dictionary. Does that mean I can’t use those? I tested it and I can! E(at_Me!3 worked! So there, password Nazis! Do you know what else is in the dictionary? The word booger. They caught that one, however. Damn. Evidently, those exclamation points aren’t as stern as they appear. Or, maybe they intentionally mislead me with that rule so I wouldn’t try eating Saganaki until the flame was put out. It seems to work as well as the banana in Ernie’s ear keeping alligators away from Sesame Street. And I haven’t burned my face since they made the rule. I’ll let that one go.

Eventually we’ll be expected to use foreign languages in our passwords, and the assholes will catch up to that. Then we’ll be expected to invent our own languages for the passwords. The assholes will follow suit. We’ll create new fonts and characters. The assholes will figure them out. Do you see where this is going? Eventually we’ll get back around to being able to use booger, only using machine language, with sounds and smells thrown in. Then, and only then, will we be safe from the bad people.

1 comment:

Anonymous said...

Fight the man! Refuse to use passwords!