In the “these things happen to other people” news, I’ve been a target of a hacker. As hacks go, it was fairly significant – my EBay account. The hacker bought a whole bunch of stuff, surprisingly not using my linked PayPal account. EBay locked my account quickly, notified me, and took care of most all the issues with fees and listings. Regardless, I felt obligated to apologize to a bunch of people who got caught up in the mess. One person had actually shipped the product by the time I emailed them.
I’ve been online a long time and my password strength has grown with the ever-increasing threat. I’ve felt I’ve had a decent password, but I suffer from what a lot of people probably do, and that is password entropy – using the same password on every site. Well, that’s not entirely true since I do use a variant of my main password for those sites that don’t support the special characters I used.
Now it’s time to get real. Just before I discovered my eBay account was hacked, I had dealt with some spammer sending me over 7000 emails of random text. So I was giving consideration to changing my email address, and why not have a different email address for every site? So my email address for Bank of America would be email@example.com and for Expedia it would be firstname.lastname@example.org. This would be relatively easy to remember and would identify if anyone sold my email address to another company or if my email was stolen or harvested.
But at the time, I felt a bit overwhelmed with the task of changing ALL my emails. Now, since I have to change ALL my passwords, I might as well go through with it. In addition, I’ve decided to use a password manager, KeePass. It seems to be a pretty slick utility and I’m surprised I never gave it a chance before. I think my main reason for avoiding it was that I never wanted to be unable to access a website because I didn’t know my password.
But upon closer inspection of that fear, it is very similar to other fears that keep you from (positive) change. The fringe cases override everything. It seems everyone is afraid of the word “can’t,” because it is only interpreted in its absolute and permanent sense. It’s not “I can’t do this,” it’s “I can’t do this right now.” And the “right now” part is what makes the modern time so awesome, hectic, and dangerous.
So, with KeePass, I can have a password file on my home computer and there’s a version for my phone that I can keep synched. That should be well enough to let me do what I need when I need to. And for the other cases, it’s going to have to be the other person disappointed when I say “I can’t” because I’m not going to let it control me.