Password Problems

Descrabled

I accept that banks, building societies, and utility companies operating over t"interweb need to have rigorous security systems including the use of passwords. Why must they make things so difficult for those of us using small screens, aka mobile phones, to access their systems?

I'm sure all of us know of the "fat finger" errors caused when adding text, numbers, etc. to input boxes. Security systems often replace input with stars to hide the actual value (password shows as *******}.

I know not the current reason to hide the value being input. It does cause problems if a mistyped entry is made without being able to view exactly what has been entered. So if I type "wotd" instead of "word" an error occurs. Some organisations do not give the ability to view hidden input with the consequence that access can be temporarily denied.

I had such a problem with the Leeds Building Society whilst trying to open an account. I was required to enter a password with >7 letters and numbers and a confirming entry. I enter 8 letters and numbers twice; reply -  does not match. Repeat password input; reply - not >7. At no time is there the ability to view my input so I am unable to see if it is my problem or possibly the Leeds` problem. Result is that I abandon opening an account after 5 attempts to input a password.

I have been temporarily denied access to accounts with other organisations because of "fat finger" errors so obviously my thumb is too big.

Helpful ideas gratefully received

Grenage

Perhaps get a cheap tablet?

400ixl

I wouldn't use a password that I could even remember to type in as chances are it is not long enough or complex enough for use.

Best option is to use a password manager like Bitwarden so that you can have longer complex passwords that you do not need to remember and can be unique to every site you use. A password should be a minimum of 12 characters of random letters (in different cases), numbers and additional characters. There should ideally be no words in them at all.

A password manager can either fill in the details for you or you go into the manager and copy and paste the password into the app.

masonic

I can't say I've come across this. Usually the key being typed appears briefly on screen, and on screen keyboards tend to pop them up as you type too. Recently launched apps are tending to go with a numeric PIN backed up with 2FA, rather than complex password. This is sufficient where the number of guesses can be strictly limited. We've all walked around with debit cards protected only by a 4 digit PIN for a long time, whereas phones also have a lockscreen that can be protected by biometrics and/or a complex password too.

[Deleted User]

Hi,

try a dabber,

Malchester

Yes. I had the same problem setting up a security question. It asked for the name of the first company I worked for. Unfortunately spelt it wrong and couldn't understand why it kept telling me I had given a wrong answer when asked to put a set 3 digits in to access the account. Eventually changed the answer to the question and realised I had spelt it wrong.

I wont use a password manager in case I forget the password to the password manager!!!

masonic

Malchester said:

I wont use a password manager in case I forget the password to the password manager!!!

You could always write it down and store it securely. It is quite unlikely that you'd forget it though. Once in use, you'd be typing it in almost daily.

Descrabled

Thanks to replies so far.

Greengage - Great reminder as I have a tablet and will try using it more often. Trouble is it has limited memory compared with smartphone so no good for apps but good for keyboard.

400ixl - trouble is some organisations need upper and lower case, some need numbers, some need characters, some preclude characters. Like your suggestion of password manager and will investigate further. I use 3 random small words where possible.

Masonic - Agree and for apps it is great; fan of HSBCs revision and wish First Direct would follow. Not much use when using t'interweb account or where the app still uses older methods. I agree that pop-ups can help but I'm not good at watching screen whilst typing. I have a habit of pressing delete instead of m next door.

Descrabled

frugalmacdugal said:

Hi,

try a dabber,

I have, but trouble is that I can't find the d***** thing

RG2015

Do you not have a pc or laptop?

I always use my laptop for setting up accounts.

Once set up, all I need on my mobile is a finger print, or occasionally a PIN.

k_man

Another recommendation for a password manager*

@Descrabled, the password manager can generate the password for each site for you, based on rules you apply (include special, no special, length etc).
These are truly (or as close enough) random and unique.

Any passwords we create ourselves, including word based ones, are usually not nearly as random as we think. Especially if these are based on being easy to type and easy to remember as we now need to have so many different ones.
We usually start to base these on patterns, which we think no one else can work out!

As suggested, if you commit to using your password manager, you enter the password often enough to remember it.
Storing a physical copy somewhere is not a significant security risk, as long as you also have 2FA enabled
Many password managers also allow you to enable emergency access by someone, just in case.

*Caveats

It's not a perfect solution, especially for the really annoying enter characters 3, 6 and 13 from your password sites.

And be aware that some sites and apps behave oddly when (or don't allow) pasting passwords (they seem to rely on the typing to accept a password has been entered). Usually this is only at account creation.
So be prepared to occasionally have to type in a complex site password.