Friday, October 07, 2011

Sallie, you're screwed up!

I was stupid.  I went into debt to get my degrees.  I owe a little over $20,000 to Ol' Sallie Mae for an Associate's and a Bachelor's degree.  I freely admit I was stupid.  No shock there, for I'm frequently stupid.

That disclaimer said, I went to answer some love-mail from ol' Sallie, and tried to log into my account.  I forgot my password.  Easy enough to do, I know.  I dare not even count the number of different web sites, accounts and services for which I must remember passwords.  But I digress.

I forgot my password, but there was an easy, simple little button that says "forgot password."  I clicked it, believing it would be simple. 

It was.  Simply frustrating.  I typed the password I wanted.  It was a nice, juicy 18-character complex password that makes computer-security types sleep well at night.  An error came back that said...
Invalid password.  Passwords must be between 8 and 32 characters long, contain at least one number and at least one letter, and must not contain the word 'password' or your user name.
Maybe the password was too long?  I counted the symbols.  Nope, less than 32.  I looked at it clsoely, and could see at least a number, and a letter, and that it did not contain 'password' nor did it contain my user name.

So I tried a different one, thinking that maybe I used this one before.  I got...
Invalid password.  Passwords must be between 8 and 32 characters long, contain at least one number and at least one letter, and must not contain the word 'password' or your user name.

So I tried another and another and another .... Until I realized what was happening. 

As part of a complex password, I was including a special symbol in each of my passwords.  As encouraged by most security geeks, I was including spaces, dollar signs, and other punctuation marks to make the password that much harder to guess. 

Ol' Sallie Mae choked on special symbols.  Did they say not to use them?  No.  Did they say "Um, here's your problem?"  No.  The web site wasted my time with that inane message that was completely off base.

Not only did they waste my time, but they show how pathetic they really are.  I mean, even Windows supports complex passwords.  Papa Johns, Gmail, and Facebook all support complex passwords. 

But good ol' Sallie Mae chokes on them, meaning that their passwords are less secure than your Speedie-Rewards account.  Great job, Sallie.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)