It's one thing to be sensitive to the user's needs, but what does it mean when they're so inept that it forces us to change policy? We often hear from users complaining that they have too many passwords. Well, the various systems you use for your job require them. (You remember your job, don't you -- that place that pays your bills?) We can't help the fact you also have usernames and passwords for your bank, your kid's school, your Amazon account, and nine other websites you log in to everyday.
The final straw this week was the rollout of two new company websites. These sites offer access to testing and reporting data via the aforementioned computer, tablet, and smartphones that would otherwise not be available. Due to their international connectivity, one site must meet a highly secure compliance login, while the other ties in to our domain using our standard domain credentials.
As you might have guessed, it was not a pretty rollout and resulted in plenty of locked accounts.
We do our best to communicate articulately to our users. We recommend changes to systems and policies that are confusing and/or inefficient. We're sensitive to the fact that our users are not IT people. We've even implemented single-sign-on technologies to help keep passwords to a minimum.
However, size and budget allow for only so much. At what point does the responsibility fall on the user to simply remember the usernames and passwords they need to do their job? A breach of security hurts everyone. We in IT can only do so much to help. At some point, users need to be responsible for themselves.
Do you have a tech story about supporting users? Send it to firstname.lastname@example.org, and if we publish it, you'll receive a $50 American Express gift cheque.
This story, "Invalid password. Please try again, idiot," was originally published at InfoWorld.com. Read more crazy-but-true stories in the anonymous Off the Record blog at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.