These days we do everything electronically. This, I am sure, is not news to anyone. Everything has its website. And of course every website has its security.
As far as I can tell, the only people who heightened security actually prevents from getting into a website are the ones who have a legitimate cause to be there. One of the side effects of my dad’s Alzheimer’s is he lost the ability to manage his finances, resulting in a variety of difficulties. Since mom was always content to let him do those things, in the past few years I took over for a while to help get things back on course. Dad had started doing things online before I took over. And proceeded to forget most of the information needed to access the accounts.
Look at the standard sign up procedure. You need a user name and password to start. The user name is likely to be your email, or if you are like the average joe, a common sign in you use everywhere. And then you need to pick a password, which will have a series of rules governing it that depends on the site. Now again, if you are like the average joe, you will probably use a password that is easy for you to remember … for instance the same password you use for the 20 other sites you are signed up for. But of course this new site is aware that people often do this, so to tighten security they will force you to change it slightly. Maybe it needs caps and numbers. Or you need a symbol in it too. So you either change your easy to remember password to a less easy to remember password that you can easily use on every site (which most probably don’t think to do). Or you do the next best thing, and write the password down, so you don’t forget it.
So much for security.
But wait. In case you forget your password, we’ll give you a few security questions so we can verify you are you. They will be questions only you can answer. Except we get to pick the questions. Ready?
- What size was your great grandmother’s bra?
- What was your father’s first word?
- What were you doing on July 15, 2001 at 7:08 am?
The beautiful thing is you can always have your computer save your passwords, so that you don’t have to remember them. Until you log in on a different computer. So, thinking you remember the password, you try to log in. After the third failure, you probably click on the link that says Forgot Password. At which point you will probably have to answer your security questions. Good thing you wrote them down and put them in a safe place. With your other computer.
What? You can’t remember the answers to your personalized security questions? Not to worry! We will just email you a link so you can reset your password. Just tell us the last four digits of your social security number. But it may take some time before you will receive the email. And don’t forget to check your junk email folder to make sure the email was not mislabeled.
OK email is there, link is clicked, and new easy to remember password is made. Now You can sign into the website with the new password. Ooops. I am sorry! Because You tried unsuccessfully three times to log into your account, your account has been locked out. Please call 1-800-YOU LOSE to reset your account. And don’t worry, they know just what questions to ask to verify you are you!
So has anyone else heard of Epsilon? You know, the minor marketing firm that handles such unknowns as Ameriprise Financial, and Citibank? Seems they wrote their password down too.
Always nice to know how secure all our information is!
- Epsilon E-Mail Hack: How You Can Protect Yourself (pcworld.com)