I recently started doing business with a new 401 (k) provider. In order to get things rolling I was sent an email with a temporary username and password. I did not logon within 24 hours so I had to have it reset.
When I received the new temporaries I quickly logged on and was instructed to create a username and password. Simple enough. Ah, no. I had to use a combination of upper case, lower case, numbers, and symbols and had be at least eight characters long.
It was suggested that names and phone numbers not be used. It also rated me on the strength of my choices. Once I got past that, I had to set up a series of questions that I would have to answer if I forgot my username/password.
Simple, easily answered questions such as: What was the name of you third grade teacher? What did you wear on June 3, 1997? What is the cosine of pi? How much wood would a woodchuck chuck if a woodchuck could chuck wood?
I finally got it all done and was set. So I thought. Next, I received an encrypted e-mail from the provider that required me to set up a different username and password to be able to have the privilege of reading the emails. Arrrrrrrrrrr!
I know I am not alone here. Many of us have multiple accounts that require usernames and passwords. Even if you wanted to make them all the same, which is not a great idea, you can’t because there are often different rules and requirements.
I set up my online banking from my home computer. If I try to access my bank account information from a different computer, I cannot logon unless the bank sends me a one-time use pin to my email, text to my mobile phone or call to my home phone. I am definitely not saying this is a bad thing, I am saying it’s a pain in the neck. There has to be a better way.
I realize that it is necessary to have usernames and passwords that are hard to guess. But, it also makes them hard to remember. So what do you do? Store them in the notes app on your phone under “usernames and passwords?” Bad idea, what if you lose your phone? I know, password protect it.