Defensive Design for the Web: How To Improve Error Messages, Help, Forms, and Other Crisis Points
Available Now ($16.99)
Subscribe to our free newsletter and receive updates on 37signals' latest projects, research, announcements, and more (about one email per month).
I don’t know about you, but I’ve got a lot of passwords. I have one that I use for all my low-security needs, such as my online New York Times account, but I’d rather not use it for more sensitive things like online banking. And even if I wanted to use one password for everything in my life, I can’t because sites impose varying requirements for the number of characters, numbers, and letters you can have in a password. So you get password proliferation. Online banks, ATM cards, calling cards, PayPal, wireless base stations, computer user accounts, intranets, keychains, ISPs, Amazon.com, Expedia, software web sites--all of them require passwords and usernames.
I store all my username-password combinations on my Mac OSX keychain, and the Safari browser is keychain-aware. But even that’s not a perfect solution. On my Windows machine, Internet Explorer can remember my passwords but I have to remember my username, and I’ve been forced to come up with several usernames over the years when the one I wanted was already taken.
Is there a light at the end of this tunnel? Will we eventually have secure digital IDs that we can figuratively wave at a web site to gain access? I find myself increasingly reluctant to sign up on any site that requires me to establish a new username and password. And I don’t think I’m alone.