Search:



The Web

Rediff









Home > Rediff Guide To The Net > Features

Khul Ja Sim Sim

March 06, 2003 16:33 IST

Bijoy AK takes a long, hard look at online passwords

It's a mixed blessing, really. With the Internet comes the need to create, remember and handle a great many passwords. Which brings us to a couple of questions. What makes one go for a particular kind of password? Is it chosen simply because something needs to be chosen, or is it well planned and thought about? Is there a hidden psychological pattern involved? Does it reflect one's character and attitudes? Most importantly, how secure and easily remembered is it?

Prof. Dr. Satish Pandey of Mudra Institute of Communications agrees that passwords are widely used and accepted. "As a psychologist, I pondered the impact of a password-driven life on the human personality," he says. "Security needs (Maslow's Need Hierarchy) play a major role and password selection may be influenced by our unconscious. But these are only assumptions and need to be tested scientifically."

Dr. Ashok Nair, a psychiatric consultant from Kochi, has another perspective. "I think there are many psychological factors behind any choice a person makes. Your password may reflect your attitudes but, then again, that varies from person to person. Some may choose one that has nothing to do with them, which is difficult to analyse. When it comes to psychoanalysis, there's always more to it than meets the eye."

Dr. Jyoti Mistry, a Baroda-based behavioural science expert, believes the arbitrary process of selecting a password can't tell us much about a person's character. "Passwords are, first and foremost, functional. People want to choose something they can remember but other people can't guess. They will, therefore, pick something that has personal significance to themselves, but not to others. I don't think that says anything in particular about someone."


PASSWORDS POINTERS:

  • Use alphanumeric passwords or numbers that are easy to remember.
  • Change your passwords every three months and, if not used regularly, change them at least once a month to help you remember.
  • Create passwords using a combination of daily referenced things.
  • Always go back and change your auto-generated passwords.
  • Avoid passwords of more than seven characters.
  • Avoid using pet names, personal and family names.
  • Enabling automatic logins in messengers, web-based email and email clients may lead to password cracking.
  • Avoid writing down passwords on your work desk or at home.
  • Don't submit important passwords on sites without the https or on sites that don't run on secure servers. Look for the padlock icon on the bottom bar of your browser.
  • Try using the same password for different sites, with minor variations that are easy to remember.

A study conducted by the Domain Registry and Marketing major CentralNic has some interesting revelations. The poll, conducted over 1,200 workers across Britain, exposes four different categories of office staff based on their password selection habits: Family, Fans, Self-obsessed and Cryptic.

The Family group chooses a word related to their family; Fans go for their role models or favourite celebrities; the Self-obsessed come up with words like 'stud', 'cool dude''and 'hot hunk' while, apparently, only the Cryptic ones are safe, coining passwords by mixing words and numbers, using odd combinations, etc.

"It depends on the type of account you're opening," says Vishal Shah, a software engineer who uses his girlfriend's name as a password. "I have noticed that people keep the same password for important causes such as their bank accounts or email accounts. When it comes to unimportant accounts, they use different passwords."

'Gasparddelanuit' is what Ajit Barman, a UK-based music composer, comes up with, when asked to coin a password. "That's the name of a piano piece by Ravel that I used to love when I was little. As long as I can remember that the password is the name of a piano piece, my password is safe," he says. "If I have to create a new one, I either modify an existing one or think of a favourite film or piece of music."

Which brings us to the question of hacking into an account. According to Sandeep Patil, technical writer, loopholes do exist in many mail systems, but they learn from mistakes and mend them quickly when cases are reported. "I tried to get into an email account and failed," admits Prasad Balakrishnan, an exports executive still in search of a hacking formula. Freelance journalist Abhilash Warrier believes this is unethical. "It insults an individual's personal freedom and those who do it should be treated as criminals."

Truth be told, however, there are always a few people who can hack into a mail account for hard cash. "I know someone who does it," says Rohit Ashok, a student, who admits having used his friend's questionable services.

Some couples share passwords, just as they share everything else, as this also reduces the risk of forgetting. What about those who do forget? Barman has a solution. "What is needed is some alternative form of personalised key that can be used online and can't be hacked. A signature of the computer perhaps, if you always use your own computer." And so, the search goes on. As does the need for more passwords.

(Some names changed on request)

MORE LINKS

What the public say
Choosing a password
Password selection
Guidelines to password selection and maintenance
Password selection guidelines 
Password humour

 



Article Tools

Email this Article

Printer-Friendly Format

Letter to the Editor










Share your comments







Copyright © 2003 rediff.com India Limited. All Rights Reserved.