Passwords and the secrets they contain

password5These days it seems the tentacles of technology reach into every corner of our lives, leaving us struggling to maintain our privacy and protect our secrets. And for most of us, our passwords are a key part of our defense.

Yet despite the constant warnings that we should choose cryptic, nonsensical alphanumeric combinations that no one can remember, many of us cling to the same passwords, often because they have special meaning to us and are therefore easy to remember. These are what writer Ian Urbina, in “The Secret Life of Passwords,” calls “keepsake passwords … tchotchkes of our inner lives.” Such passwords remind us of our tragedies, triumphs, hopes, and sorrows — the things that make us human and unique, personal touchstones in the impersonal world of technology.

Friends, family, and strangers were willing to reveal their passwords and the reasons behind them, and Urbina has rolled it all into an intriguing narrative.

Among the stories:

  • A former prisoner whose password includes what used to be his inmate identification number (“a reminder not to go back”)
  • People who use “incorrect” for their password so that when they forgot it, the software automatically prompts them with the right one (“your password is incorrect”)
  • A woman who discovered her husband was still using a former girlfriend’s birthday as his password
  • A mother who discovered her dead son’s password meant he was gay, something she’d never known
  • A wordplay-loving computer scientist whose password “TnsitTpsif” stands for “The next sentence is true. The previous sentence is false,” the classic philosophy’s liar’s paradox.

A much longer story tells about Howard Lutnick, the chief executive of Cantor Fitzgerald, the financial services firm that was nearly destroyed when 658 employees died in the Twin Towers on 9/11. Those employees had known all the passwords necessary to access the firms computers. Lutnick, through conversations with surviving relatives, managed to learn enough about pet names, birthdates, anniversaries, hobbies, etc., to enable a team of Microsoft experts to guess passwords and retrieve critical files.

The article is extensive and the anecdotes sometimes overly long. But you’ll likely keep reading because we all use passwords and we all love secrets.

“Passwords do more than protect data.
They protect dreams, secrets, fears and even clues to troubled pasts,
and for some, they serve as an everyday reminder of what matters most.”

8 thoughts on “Passwords and the secrets they contain

  1. Totally intriguing. I can see it. (This password history is bound to show up in novels…mysteries, crime novels, sci-fi or fantasies?) Cool post (especially as I had to come up with new password today..arrgghhh…life is so complicated these days)

    1. I haven’t read a novel in ages, but figuring out passwords can be a lot like breaking codes. Definitely a modern angle for all kinds of novels and movies.

  2. I must admit that one of my passwords will never be discovered by my wife, but I must admit I have alot of fun making new passwords and don’t have any trouble remembering them.

    They’re all stored away in ‘My Last Pass Vault,’ only trouble I have is recalling the password for the Vault because even the MLPV people do not have any idea what it is. O_o o_O

    1. All my passwords are stored in 1Password. Some of them are the nonsensical kind that a password manager will create for you. None of the ones I’ve devised myself are as interesting as the ones in the article.

  3. I use KeePass to store all my passwords as well as create random character passwords for me. At least 12 characters and up to 20 if allowed. My password to get into KeePass is a very long sentence. Before hacking became an everyday occurrence, there were about 3 different passwords I would use, and they each had some very deep, personal meaning for me.

    Interesting article. That had to be tough having to call everyone’s family asking for passwords so soon after the towers collapsed.

    1. The Cantor Fitzgerald / Howard Lutnick story was to me one of the most memorable to emerge from 9/11. I don’t know how he managed to function at all after what happened, much less have the company up and running just two days later.

  4. Yep, I do it too. My passwords are about 95% made up of combinations of personal stuff (not birthdays or anniversaries!) or of random sequences that have become meaningful through regular use. The Cantor Fitzgerald story interested me too. Curious, is it not, that the MS decryption team gave priority to interviews over brute analysis? What this says to me is that the conventional advice preached to us about the desirability of long randomized strings is wrong. Unless you’re keeping nuclear secrets, or are a corporation perhaps, nobody is going to spend days with a supercomputer crunching statistical possibilities to get into your checking account.

    1. The information obtained from interviews helped narrow the focus for the brute force attacks by suggesting possible components of the passwords. It would work the same way for hackers trying to get into your account. They can make educated guesses about your passwords based on your personal information (which is often included with your name when a major database gets hacked), and because they’re very savvy about the kinds of passwords people tend to choose. Randomized strings will always be more secure than anything related to your personal information, if only because — even with a supercomputer — they’ll take longer to hack. Hackers likely won’t waste time trying to hack your account if they think John Doe’s is an easier target.

Leave a Reply

Your email address will not be published. Required fields are marked *