Password problems

As it's St Barnabas Day today, I joined the St Luke's congregation for a quiet morning Mass. As  it was bright and sunny, it seemed a good idea to go out for lunch, so we drove to Dyffryn Gardens, walked for an hour or so, marvelling at the changes in vegetation since our last visit six weeks ago, and then ate in the visitor centre's friendly cafe.

Last night, Amanda called, as she was having problems with her computer, feeling that she was losing control of it. Now she's quite computer savvy, and I thought if she's bothered, maybe I should help troubleshoot. She texted me earlier today to say she's been unsuccessful with the measures I proposed over the phone, so I decided a hands-on session was necessary. I drove Clare to her staff meeting mid-afternoon and then took off for Bristol.

Thankfully, there wasn't a lot out of order, just enough to leave her feeling helpless. One of those software downloads with boxes you have to un-tick to avoid acquiring unwanted crapware had been ticked. Her default home page had been set to display a branded search page, full screen. This hid the normal browser controls, so it wasn't possible to change the home page settings. I messed around until I found how to switch off full page mode, and then reset the home pages as she wanted it.

She's also lost access to her Tesco shopping account and couldn't figure out why. She'd made half a dozen attempts to re-set the password, none of which delivered, and made a mess of her memorised passwords, particularly as Tesco require use of an email address and login password. Your password should be different from your email one for security reasons, but it's easy to get confused. Worse still insistence on high strength passwords by default on Tesco's part, means that if you miss out one of their required alpha-numeric components, your password change is requested and it's not at all clear why. 

Yes, the instructions about password quality are there in your face when you're setting up a new one, but if anything they are close enough to be easily overlooked as you're trying to think of something you'll find either memorable or easy enough to write down. High strength passwords are neither of these, since they use keys which normal mortals don't use often and get distressed about locating consistently.

It's understandable that Tesco have ramped up their security critera, but if this encroaches on usability, it's not good for customer relations. Apparently the helpline people were decent with her about the problems, and assured her that the problem was at the home end. But that was as much as they could do, and naturally it left her worried that her machine had been compromised. This fear was indeed enhanced by the unknowing acquisition of a foreign home page. Sites with secondary download tick boxes on by default should really be blacklisted, for the anxieties they cause.