Monday, November 26, 2007

Memory load and internet security

Following the loss of citizens' banking and personal details by HMRC, we're getting a lot of advice about internet security. My bank, Smile, tells me that 'each password should be unique and unrelated to any of your other passwords.'

They go on to advise: 'You shouldn't write them down, and you shouldn't share them with anyone, even your best mates... Strong passwords use combinations of uppercase and lowercase letters, numbers, and punctuation, they aren't usually found in any dictionary. For example using 'river' would be a weak password, whereas 'r!V3r_78' would be much stronger.'

So strong it wouldn't even let me in, because I wouldn't remember it. Many of us have accumulated dozens of relationships with banks, retailers, social networks, and other sites that want passwords. There is absolutely no chance of dreaming up unique, strong passwords for each one and not writing them down.

Smile's advice doesn't work. Poor information is no information.