Sunday, January 28, 2007

Internet Security. The tortoise and my lack of hair!


I wonder if the purpose of new enhanced security online isn't really to get us offline!

I am one who fears not the hackers and evil doers of the World Wide Web. Maybe I am just naive but I surf with reckless abandon, trusting in my firewalls and cautiously chosen passwords. I live online. I educate myself online. I schedule my vacations online. From banking, to buying, to selling, I use the Internet to manage my life. I often surf myself to sleep.

Recently I have begun to notice an increase in security measures being implemented. First it was one of my credit card companies. I used to be able to log on to their site with a username and password to access my accounts. They now require that I answer a different specific fact about my account in addition to the username and password each time I log on. Another similar situation is with my mobile phone account. A username and password is no longer enough. I now have to enter a four-digit PIN as well.

Those are just two of at least a half dozen examples I could name. I find it hard to believe that all of the additional security is necessary and, if it is, I doubt it will be enough. The additional security is having the opposite effect of the original intent. If the purpose of providing online access is to make our lives easier to manage, then the new security measures make me long for the old way of just picking up the phone.

Just this past Saturday, I attempted to access my checking account and was told that I needed to change my password due to a password time limit. I had never seen that before but was not surprised. After doing so, I was asked a "secret" question, which I answered correctly. I am then asked to identify a picture that I had chosen before. I do so. Then I enter my new password, and I get a warning: "This account is locked." No reason. No direction in what to do next. I call the toll-free help line and they are closed until Monday! I now have to call in to handle my transaction. Wow. Isn't that how I used to do it?

Is this better? Is this faster? Why bother?

In the past month and a half I have seen this type of event unfold at least four times. The more secure the site, the more likely you won't get in. I know that it is supposed to be that way for the hackers of the world but not for me when it's my account!

And, assuming all of this added security is necessary, why can't all of these companies standardize on things like password length and configuration? Just for my employer, I need to remember six different usernames and passwords. That is six different usernames and passwords that I have to enter on a daily basis and change on a weekly, monthly and quarterly basis depending on the access level.

I guess what I am saying is that if we need to jump through all of these hoops, then maybe we shouldn't be passing any sensitive information online. And maybe that is the whole point after all.
