Passwords - Stop The Insanity!

There has to be a better way to manage our digital lives than through the myriad of elusive online IDs and passwords that we all manage. There simply must be a more sustainable, less frustrating approach!

Cybersecurity is undoubtedly one of the highest imperatives in the 21st century. And it is also beyond contention that passwords aren't the most effective countermeasure to combatting the growing cyber-threats that we all face. In reality, the digitally nefarious routinely acquire our IDs and passwords from the very institutions that are tasked with protecting them. Passwords are confusing, multitudinous, inconsistent and, ultimately, hard to remember in our finite cerebral memory banks.

A Familiar Tale of Frustration

If your experience with passwords is at all like mine, you approach many of your ID and password fields with a slight sense of trepidation. That trepidation stems from the fact that I cannot always remember what ID and password to use for which account.

Does the below sound familiar?

You try to logon to one of the many sites that you use.

When you enter your ID and passcode, you are told that you've entered the incorrect information. It may be your ID or your password, it doesn't tell you which one.

Thinking that it is likely your password that is incorrect, you try a second time. It fails again.

You decide not to keep trying, so you hit the link to reset your password.

You are asked for your date of birth and SSN. You enter both. Success.

Then you have to answer three additional security questions.

Let me think...

• Ms. Cope was my favorite teacher, I'll never forget her. C-O-P-E
• My first pet.... was that Jesse or the gerbil? What was that gerbil's name, anyway? Let me go with Jesse. She was awesome, labs are such a great breed. J-E-S-S-E
• My first car? Oh, yeah. That thing. I-M-P-A-L-A

You make it through that gauntlet and are rewarded with the next step.

You enter your e.mail address and ask for a "reset my password" link to be e.mailed to you. Then you realize you access your e.mail from your mobile device, where you entered your ID and password a full three years ago. But this is your work laptop.

Uh oh.

When you try to login to your e.mail account via your laptop's browser, but it fails and you are sure you don't remember your e.mail's ID and password.

But - you can definitely get to your e.mail on your mobile device, it uses biometrics and accepts your thumbprint as the credential! You unlock your mobile device with your thumbprint to check your e.mail.

The "reset my password" e.mail is there!

You hit the link to reset your password and it brings you to a webpage that assumes (incorrectly) that you are on a laptop. The webpage's content is unreadably small on your mobile device because it was not responsively designed. You spin your mobile device on its side and zoom in to try to work through the steps.

First, the site wants to ensure you are not a robot. So you have to type e8Hs44n based upon an image with obscuring lines and extra dots that can fool an Artificial Mind.

It tells you that you did not type e8Hs44n correctly. It gives you a second chance with a new value - 234kjbHHg. You type slowly and deliberately. It still tells you that you have not typed it correctly.

You give up.

For today, you're throwing in the towel. You can rebalance your retirement portfolio some other day. You stop. The system that is supposed to make your life easier has just frustrated you.

Why The System Is Broken

The fundamental shortcoming of the ID and password paradigm is that it doesn't look at the customer experience holistically. For most companies, the user experience is understood to be what a user experiences when attempting a login to that company's site. A more useful way to understand the customer experience would be to look at the growing multitude of IDs and passwords that we all use. Recent surveys indicate that the average person manages 27 unique passwords to manage our online lives. Remember, that means that 50% of the survey respondents have more than 27.

What Do We Do? An Appeal For User Choice

I demand to choose if I use an ID and password after the initial enrollment for an online service!

It's my info, therefore it's my risk!

I've been making bigger decisions than that for decades now!

A small glimmer of hope has come in one of the apps that I use. It's Moven, a fintech offering that is online-only. I use my Moven account for my petty cash expenses. It offers a feature that tracks the rate of my spending this month versus prior months and represents it in a dial that glows green, yellow, or red. I love it.

Based upon this approach, I enjoy using Moven more than I enjoy interacting with the Top 4 US bank where the vast majority of my financial assets are.

This isn't an advertisement for Moven (although I will admit that I think Brett King is an awesome dude, Breaking Banks is a great podcast, and will disclose that Moven is part of Brett's intellectual contribution to fintech). Instead, this is a request to let me choose which things I want to access without an ID and password and which I don't. If Moven got there for me, more can follow.

It's time.

Everyone get on board.

Stop the insanity - Kill the ID and password paradigm!

@TriquetraIT on Twitter