2009-02-23

When things go boom.

Say someone manages to log into one of your many accounts online, changes your password and your contact email address. Your webmail account, your blog, social website -- do you know how to regain control of that account?

In most cases the answer will be: probably not. And don't expect any help from the companies running the sites. Any self-respecting company running a high profile service of some sort will know how to insulate themselves extremely well from their customers. If they do have some narrow pinhole through which you can communicate with them, you will most likely reach their least qualified, least motivated and most underpaid employees. Not only are these people not going to have even a fraction of an ounce of sympathy for you: company policy will most likely forbid them to help you anyway.

As an example: years ago I used to work for a company with which I had created an account. Years before I joined them. I had since forgotten the password and the contact mail address was for a machine that didn't exist anymore at a domain that was long gone.

Even though I worked for the company they told me to get lost. Apparently something to do with not wanting to open a particularly nasty can of worms. Understandable yet infuriating.

Think about this for a while. You willingly depend on all these services on the web. But if your password should somehow find itself in the wrong hands: you are most likely screwed.

I am writing this not because I've experienced having an account compromised (or just lost) in recent years, but because I think addressing this problem is important. I am sure people have tried to come up with solutions for this, but since it is still a problem with most major sites, no solution has gained significant traction.

This problem requires attention. Preferably before politicians and lawyers start to get funny ideas about how this should be done.

1 comment:

  1. This will, obviously, be solved by massive packet logging by the government. Then they will know what happened, and your friendly secret police will likely help you.

    On the other hand, maybe I should not write blog comments while drinking....

    ReplyDelete