Access denied
I waited patiently for the man in front of me to explain why the overdue video he checked out from the library could not have been checked out by him. At first he suggested the librarian had made a mistake, then quickly – after noticing the lethal quality of the librarian’s glance – asked, rather rhetorically, if maybe someone might have used his library card without his knowledge.
“It happens” was all she would say, then she double-checked some additional library records and concluded that yes, the video was still missing. The man went away muttering the most ingenious combination of curses and apologies I’d ever heard.
Then it was my turn; I stated my business: may I please have the library’s internet password?
She looked at me as if I’d arrived from a different planet, which I kinda did.
“We don’t give out our password.”
“You mean the public isn’t allowed access to the internet at this library?”
“I didn’t say that. You will have to hand me your device and I will input the password.”
I’ve never visited a library where this level of internet security served as the protocol. Edward Snowdon would have been stymied had NSA headquarters followed the Bisbee Public Library model for thwarting internet troublemakers. I stood on the wrong side of the information divide, so I passed my device across the desk. She tipped my iPad screen up so I couldn’t peek, then digitized my access with six strokes of one of her very nimble digits, then she gave me a final silent scan before returning my property, as if trying to assess the kind of threat I might pose.
My mistake. I asked for a password. Patrons of this library obviously know enough not to ask. They might even have memorized an elaborate system of winks and nods to reference the secret code that enables the internet to flow exclusively into their hometown laptops and tablets. Or, more than likely, I’m just being paranoid.
Password security is always big news in this cyber age, especially when a fresh batch of personal information has been hacked from our supposedly impregnable social citadels. I mean, who cares if our government spies on its own citizens. At least the White House isn’t involved in an Amazon spending spree using our credit card information.
A recent review of internet habits cites the top three passwords chosen for the year 2013, which include 123456, the word “password,” and 12345678. Online users that pick these wispy strings of characters to foil hackers are considered “beyond help” by security experts. I’ve studied a litany of articles that offer advice about how to choose a secure password and none of them mentioned handing your hardware to a complete stranger in order to access the internet, which is why I thought I should mention the incident.
For five years I worked in the technical services department of a Carnegie library back in the 1970s, when anyone’s use of the phrase “the net” might be confused with trying to land a big walleye. I typed using an IBM Selectric all the necessary cataloging information on recipe-sized cards and pockets that I pasted inside each new book so our print data could pass securely through the checkout line. A barcode still meant an abbreviated way to order a drink. Audio CDs were just becoming a snazzy new media available for the price of a library card. Passwords were not a part of our library’s jargon. The best way to keep an unwashed public out was to lock the doors and hide the key. Near the end of the decade a new director hired a new boss for my department, a genius in technology, who gently nudged his employees toward the lexicon of a digitalized age.
It may be, despite nearly 40 years of sophistication and progress, that the public still has a lock-and-key mentality when it comes to internet security. We reuse the same old passwords at multiple sites, think our pet names could riddle Gollum, and we balk at building better data codes because it’s too difficult to remember our momentary inspiration.
I should know. I created a document three pages long with all my user names and passwords, a feat I thought awfully clever until my friend and ex-library boss explained how easily the document could be stolen, and my cyberlife would become an open book. He showed me how to encrypt access to my cyberbiography, but recently I’ve forgotten the password that allows me access to my own cache of passwords.
My newest strategy (which I’m still theoretically testing) involves tattooing a single personal password in a very sensitive location on my body. The experts warn us that no method can ever be foolproof, and I’d likely feel like a fool checking every time I forget my password, but at least I’m confident not too many complete strangers would ask to handle my device, nor would I be asking to handle theirs.
– David Feela