Home > Rediff Guide To The Net > Features
Khul Ja Sim Sim
March 06, 2003 16:33 IST
Bijoy AK takes a long, hard look at online passwords
It's a mixed blessing, really. With the Internet comes the need to create, remember and handle a great many passwords. Which brings us to a couple of questions. What makes one go for a particular kind of password? Is it chosen simply because something needs to be chosen, or is it well planned and thought about? Is there a hidden psychological pattern involved? Does it reflect one's character and attitudes? Most importantly, how secure and easily remembered is it?
Prof. Dr. Satish Pandey of Mudra Institute of Communications agrees that passwords are widely used and accepted. "As a psychologist, I pondered the impact of a password-driven life on the human personality," he says. "Security needs (Maslow's Need Hierarchy) play a major role and password selection may be influenced by our unconscious. But these are only assumptions and need to be tested scientifically."
Dr. Ashok Nair, a psychiatric consultant from Kochi, has another perspective. "I think there are many psychological factors behind any choice a person makes. Your password may reflect your attitudes but, then again, that varies from person to person. Some may choose one that has nothing to do with them, which is difficult to analyse. When it comes to psychoanalysis, there's always more to it than meets the eye."
Dr. Jyoti Mistry, a Baroda-based behavioural science expert, believes the arbitrary process of selecting a password can't tell us much about a person's character. "Passwords are, first and foremost, functional. People want to choose something they can remember but other people can't guess. They will, therefore, pick something that has personal significance to themselves, but not to others. I don't think that says anything in particular about someone."
A study conducted by the Domain Registry and Marketing major CentralNic has some interesting revelations. The poll, conducted over 1,200 workers across Britain, exposes four different categories of office staff based on their password selection habits: Family, Fans, Self-obsessed and Cryptic.
The Family group chooses a word related to their family; Fans go for their role models or favourite celebrities; the Self-obsessed come up with words like 'stud', 'cool dude''and 'hot hunk' while, apparently, only the Cryptic ones are safe, coining passwords by mixing words and numbers, using odd combinations, etc.
"It depends on the type of account you're opening," says Vishal Shah, a software engineer who uses his girlfriend's name as a password. "I have noticed that people keep the same password for important causes such as their bank accounts or email accounts. When it comes to unimportant accounts, they use different passwords."
'Gasparddelanuit' is what Ajit Barman, a UK-based music composer, comes up with, when asked to coin a password. "That's the name of a piano piece by Ravel that I used to love when I was little. As long as I can remember that the password is the name of a piano piece, my password is safe," he says. "If I have to create a new one, I either modify an existing one or think of a favourite film or piece of music."
Which brings us to the question of hacking into an account. According to Sandeep Patil, technical writer, loopholes do exist in many mail systems, but they learn from mistakes and mend them quickly when cases are reported. "I tried to get into an email account and failed," admits Prasad Balakrishnan, an exports executive still in search of a hacking formula. Freelance journalist Abhilash Warrier believes this is unethical. "It insults an individual's personal freedom and those who do it should be treated as criminals."
Truth be told, however, there are always a few people who can hack into a mail account for hard cash. "I know someone who does it," says Rohit Ashok, a student, who admits having used his friend's questionable services.
Some couples share passwords, just as they share everything else, as this also reduces the risk of forgetting. What about those who do forget? Barman has a solution. "What is needed is some alternative form of personalised key that can be used online and can't be hacked. A signature of the computer perhaps, if you always use your own computer." And so, the search goes on. As does the need for more passwords.
(Some names changed on request)
What the public say
Choosing a password
Guidelines to password selection and maintenance
Password selection guidelines