Many websites require them: username and password. The username is usually not an issue for me. They either require an email address or a username, often neither taken. When I return to login, I can tell which format they want (email address or just the username, thanks to the label on the textbox).

The password is what I get caught up on. Most people do too. The natural habit is to use the same one for each website you sign up with. If you pick a good one, in length and characteristics, you won’t have an issue with requirements like a number and a letter, eight characters in length.

Security experts advise us to use different passwords. If only they knew how difficult it was to remember which password went with which website. Let’s just say I don’t do well with the hidden matching game.

What’s worse is when you can’t remember the password and resort to using the password reminder. They ask security questions, yet another thing I frequently get wrong. What’s my favorite book? Wait, when did I sign up? Before or after that sci-fi book came out in 2005, 2007, or 2008?

Some suggest that you use false answers to those security questions to prevent people from guessing and resetting your password. Well, good for them if they can guess right and I can’t.

When I don’t get the primary password correct, I end up using brute force with all known passwords I have used. If I have under five different passwords, I can usually get in before getting locked out for repeated attempts.

So this is why people use one password. It is so much easier to login using a common pair then keep guessing which combination it is. When I can’t get the correct combo, I reset the password and hope it works next time. The only problem is when I can’t reset the password because I don’t remember the correct answer to the security question.

The system has accomplished a new goal: locking everyone including me out.