Jenni From The Blog: What’s that password again?

Jenni From The Blog: What’s that password again?

Jenni tapped into a personal passion of mine.  Well, OK, passion in the absolute geekiest sense of the word – it’s something I’ve done research into.  My doctoral dissertation looked at how people managed a portfolio of information systems to do their job.  One of the challenges that people faced when trying to use IT in their job was remembering all the different passwords.   What made this particular setting difficult was the portfolio of systems each had different password requirements (e.g. 6 characters, one had to be a letter) that expired at different times (e.g. one every three months, another every 5).  The result was a mess.  People resorted to posting their passwords on the workstation or logging in once then allowing their co-workers to use the system.  It either defeated the whole purpose or security, or people stopped using the IT becuase they couldn’t remember the password.

Of course, there’s also the opposite problem: other online services requiring one single password for all services (e.g. Microsoft, Google).  I went to experiment with Microsoft’s HealthVault, a new system for patients to manage their medical information.  Not only did they force me into using a very strong password, but then that password would also apply to my other services (e.g. Hotmail, Xbox).   The last thing I wanted was to be using my extremely complex password every time I checked my mail…and if I accidentally left the system open, then people could see my medical history.  I stopped at the password.

One of the real contributions of the “Flat World” was the fact that technology became easy to use.  What we need now is a better process for how to operate different IT applications as a single user.  I don’t have the solution, but I do think its a real problem.