Happy New Year! Once again, I begin as I mean to go on, blogging at semirandom intervals to no one in particular. But I have stuff on my mind and the easiest way to get it off my mind is to hand it to someone else, so here we go.
Suppose, just hypothetically, you work for a large-ish operation that deals with lots of confidential, if not alarmingly private, information, as well as documents, records, etc. that are your personal-professional private information, as well as a host of institutional applications overseeing various aspects of institutional stuff--purchasing, hiring, record keeping, bookkeeping, contacts, etc. etc., all of which properly is confidential.
Suppose, also, that some of your work business involves the use of subscription-based applications, such as Office stuff, Adobe stuff, statistical stuff, as well as web-based subscription services such as access to informationd databases, email, etc.
Suppose, as well, that in what is supposed to be a helpful fit of organization, your organization uses a paswsword-management system that (supposedly) allows you to set one password for all (most) of your aforementioned applications.
I understand that aligning or synching or whatever passwords along internal systems must be a kind of complicated job. I understand also that this system, whatever it is, is also having to align/sync with Microsoft, Adobe, and other external systems, which is can only be an even more complicated job.
Then, your work adds two-factor identification. So every morning, after logging into your desktop machine with your master password, you end up having to log in to the local network (with that same password--not exactly daily, but often enough to be a pain), you try to log into any of your institutional applications, which asks you to log in again, with the same password, but asks you to two-factor in. Which means digging out your personal phone, waiting for the code to appear, putting in the code, and then getting into your system. And then, when you try to log into another system, you get to do it again.
Typically these things will last at least a day, sometimes longer, so that you don't have to log in again, and you especially don't have to do the two-factor thing, for a while.
Except then you try to get into an external system, say a Microsoft (Office) product, and you get to two-factor yet again. At least Microsoft has the foresight to ask if you want to access all of your MS subscription apps or just the one, and having asked appropriately stops asking you to log in to everything every time.
I mean, I get that a central master password situation isn't the most secure system, and that two-factor is in principle at least one more layer of security (although frankly if I have access to any of my devices, I probably have access to my telephone as well, and vice versa).
Just imagine all this.
Anyway, I'm just ranting. I suppose I should go check if I'll need to two-factor into my classroom computers before Monday, but I don't have the energy. I almost said I don't have the time, but the fact is that in the time it took me to type all this I could have done it. So that's on me.
I just wait for the day I can have a chip inserted into my wrist and all my devices will magically sense that it's me and let me get on with stuff instead of interrupting which might have been a very productive burst of energy. Possibly.
