Why do so many people forget their password?
By Leo Notenboom
In the nine years that I’ve been answering questions here at Ask Leo!, the single most common topic that I encounter is that of lost or forgotten passwords.
It’s been the number one topic since day one.
In the early years, questions relating to lost Hotmail passwords were so overwhelmingly frequent that it became an inside joke among my friends – I was the guy to see about Hotmail passwords.
In the years since, the spectrum has broadened to include whatever system is popular; most recently, it’s been Facebook .
Why are so many passwords forgotten? And what lessons can we take away to improve our own security, both online and off?
This isn’t about hacked accounts
I’ve seen the instances of hacked account skyrocket in the past couple of years. Hackers are taking to breaking into email accounts and then using those accounts to send spam to the contacts listed in that account. Not only is a legitimate account more likely to bypass spam filters, but contacts are more likely to open email that came from the account of someone they know.
Hackers will often change the password on the account.
What that means is that when the rightful account holder later tries to login, he cannot. It manifests as a bad password (because it is), and password recovery techniques are the first step to regaining access to the account.
I have several articles covering that scenario already and I’d point you at Email Hacked? 7 Things You Need to do NOW for the steps that you should take if you find yourself in that situation.
That’s not what I’m discussing here. This is much more mundane, and yet probably still more common.
People forget their own passwords.
Taking it seriously
When I hear the backstory to a forgotten password scenario, there are a couple of frequently reoccurring characteristics:
The individual is a relatively new or inexperienced computer user.
They’re in a hurry.
In my experience, new users have an underappreciated sense of just how picky computers are about your entering the exactly correct password, and perhaps in an effort to make their password secure, they’ve chosen something obscure and coincidentally difficult to remember exactly. They don’t realize just how easy it is to forget the exact password that they’ve chosen.
Newer users are often not online as often as you or I might be, and thus, often aren’t even asked for their password more than every day or every week or so. If you’re required to enter it correctly every day, it’s more quickly committed to memory than if days or weeks go by before you need it again.
More troubling are the folks who are in a hurry. For various reasons, they want an account and they want it now. As a result, having to set up a password is more of an annoyance than anything else. Certainly no extra time is spent setting up a good password, much less committing it to memory. (More often than not, these are the accounts with passwords like “1234567.” They are also more likely to be hacked.)
The common thread is simple: taking security – particularly your password – seriously from the begining is critical.
Unless, of course, permanently losing access to your account isn’t something that you’d consider serious.
This post is excerpted with permission from Leo Notenboom.
278 total views, 4 views today