I just saw the news about eBay’s user data being hacked, adding yet another to a long list of similar events. The warning issued is the same as always:

“Change your passwords!”

Nope, not gonna do it.

First of all, it shouldn’t be my responsibility to clean up after a website’s mess. If a site gets hacked, and they think it’s critical that passwords be reset, then just reset them. Make me verify my identity and set a new password next time I login, quick and easy.

And secondly, if I actually changed my passwords every time a new site gets hacked, I’d be doing it every day. And even then it would just be in response to the incidents that companies a) are actually aware of, and b) find it prudent to inform us about.

Can we just accept it as a constant that at any given time at least one nefarious party has access to an assortment of our passwords and personal information? It’s like coming to terms with the fact roughly 2% of you is totally made up of germs and bacteria.

Not easily guessed? For a person? Or a botnet guessing a trillion passwords per second?

And the most frustrating part: I can only devise so many weird combinations of letters and numbers and capital letters and special characters but only characters like .!@% or # and definitely not anything crazy like <*&? or } and don’t even think about using any combination of characters from your last 10 passwords, and nothing too obvious either, and make sure it’s at least 8 characters, but whoa nothing over 20 characters, actually make that 12 characters this time, oh and no spaces, and make sure it starts with a letter, no a capital letter, wait make sure it’s not a q or a z, and actually, is your caps lock on, and would you mind deciphering these garbled letters to prove you’re a human, and can you confirm your zip code or the last four digits of your SSN, and would you like to participate in a brief customer survey …