punkwalrus (punkwalrus) wrote,

On passwords...

Generally, one should use difficult-to-guess passwords. No real words, mix letters, numbers, and punctuation, and change often enough to be safe, but not so often you have to write them down to remember the password this week.

I went to my first computer camp in 1978 (if my math is right, between 4th and 5th grade at any rate). Back then, access to computers was pretty limited. I would say 90% of what we did was classroom theory, with a rare 10% on one of four cathode ray terminals (CRT/TTY) or two line printer terminals (LPT). I mean, you did your programming on paper, then copied it when you got access to a terminal. Back then, they dialed into some Fairfax mainframe.

There were two teachers. The main one, whose name I have completely forgotten, and a student assistant, who was probably in his late teens, possibly college aged. The student assistant was more of the guru than the teacher, who was closer to a grade school teacher in skills. The SA was REALLY anal about passwords. My first lesson about them was some lanky and wiry guy, ranting about how if he could guess your password, or left yourself logged in, he would fuck you up. “I will make sure you NEVER EVER work in the computer world AGAIN!” he’d scream. I am sure he was being dramatic and tongue-in-cheek rather than serious, but he scared most of us straight. One kid left himself logged in, and he almost got “expelled.” So they said.

The SA’s password was very long. He said he memorized a whole phrase from the Bible, changed a few letters, and it took so long to type in his password, if someone with slower typing speed tried it, the password prompt would time out. Again, all this according to him, but when you saw him log in, he typed for almost 10-20 seconds.

The lesson made its mark; it stuck hard. Almost any password I have is fairly long, and within the constrictions of the environment.

Back when I had a very hellish teller job, we were told, “Never give out your password, even to your manager!” in training. The first day I showed up to work, this happened:

Manager: I need to do some transactions under your name, what’s your password?
Me: I am not supposed to give you that--
Manager: Bullshit!! What is it?
Me: Why do you need to do things under my--
Manager: I don’t want to hear anything but your password.
Me: I was told, in training, to never--
Manager: I was told in training I could fire anyone for any reason. Especially if they hide their password from me.
Me: Why can;t you do these transactions under your account? You have less restrictions and more access--
Manager: [rolls eyes] because it has to be done by a teller! Now what is it?
Me: You’re going to fire me if I don’t give you my passw--
Manager: Yes! Shall I fill out the paperwork?
Me: [low] It’s CTHULHU666
Manager: What? What does that mean? How do you spell... kuh-hoo... koo...?
Me: C T H U L H U 6 6 6...
Manager: C... H...
Me: C... T... H...
Manager: [after several repeats, succeeds with much exasperation] Why did you pick such a HARD password? That is SO stupid!
Me: Because I wanted to make it difficult to guess...
Manager: Oh, man! You’re one weird piece of work!

Yes, she was doing illegal things under my name, which is one of the reasons I quit.

End note: my password has never had the word “cthulhu” or “666” in it since. I consider it bad luck after that job.
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded