October 28, 2002

Let's Play Password IBM does

Let's Play Password

IBM does so love its passwords.

I've been wandering the hallways of Big Blue for three years now, and I've become accustomed to the company's near-schizophrenic obsession with passwords. I have to type in a password to access the Internet, the intranet and my e-mail. I need a password to access my voice mail, and I must remember a three-digit combination to enter the print room.

But, it's not enough that I have these passwords. No, every six months I have to come up with new passwords because my old passwords may have become compromised, as if there are outside hackers intent on crashing into my inbox to view my edits and comments to the last four magazine articles. As far as sensitive IBM material goes, I'm somewhere between a press release and a memorandum that smoking is only permitted outside the building. In other words, I don't have access to the design specs of anything even remotely valuable. So, why do I have to keep updating my passwords?

"Because," says IBM. "We think it's fun to torment you with frustrating shit like this that totally eats into your productivity."

So, I come into IBM today and am confronted by a sea of e-mails telling me that my passwords for the Internet and intranet will expire in 14 days. To head off the impending date, I was supposed to click the provided link, which I did. I was whisked away to a magical world where I entered my e-mail, current password, and a new password. I like to keep things simple, so I just kept the guts of my password intact and simply changed the middle number from "1" to "2." Well, IBM will have none of that, mister.

No, I was informed that new passwords cannot resemble old passwords. This must be a recent policy change by IBM, because I've been toggling between the same two passwords for the last three years without a hitch. So, I broke out a pen and paper and jotted down a new, totally different password, and tacked it on my desk so I don't forget it. Now, I realize that it kind of flies in the face of security to have my passwords tacked up on my desk for all the world to see, but I'm here to tell you that everybody does it. Peruse any IBM office and you'll see pictures of friends and family members interspersed with password reminders.

IBMer: That's little Kelly. She's four years old now. And that's Steven. He turned eight last week. And that's a piece of paper with my new passwords for the Internet and intranet: Kelly4 and Steven8.

Armed with a totally new password, I went back and typed in the information, only to be greeted by a warning that the password information I provided was incorrect. Incorrect? How the hell is that possible? I know what my current password is. I've been using it without incident for the past six months. So, I go back and try it again, only to be greeted by the same frustrating warning. Apparently, the password that I know is right is actually wrong, and I can't change my password until I enter the correct old password. So, now I'm getting pissed.

I click a different link that brings up a Web page where I have to enter my e-mail information, authorizing a machine somewhere to automatically change my password and send me an e-mail notice that will include my new password. No problem. If I can't change my own password, I'll let the Hal 9000 do it for me. I toggle back to my e-mail and get my new password, a nonsense jumble of numbers and letters that can only be memorized by Stephen Hawking and possibly a few idiot savants.

Back to the password change page I go. I re-enter my e-mail information, insert the new computer-generated password, and suggest a new password. And. . .

And the same damned warning page appears, telling me my password information is incorrect. What?! How can an IBM computer disagree with a password generated by another IBM computer? Come to think of it, how can any work be done anywhere within IBM when all the employees spend two hours changing passwords to no avail? I think it's all part of some strange test to see how much idiocy a person can endure.

Whatever the reason, I still don't have a new password, and I have no idea how to change it. There's only one solution.

I need to find a new job within 14 days.

Posted by Ryan at October 28, 2002 10:48 AM
Post a comment

Remember personal info?

StumbleUpon Toolbar Stumble It!