This is a sequel to our previous strip, “Comic Ridiculing Acronymic Projects”.
One of the problems with any sort of authentication system is that it will inevitably fail at some point. It might produce a false positive, incorrectly identifying an imposter as the genuine user. Or it could produce a false negative, refusing a genuine user. Many biometric identification systems that have worked well in the lab with a limited number of test subjects have failed to see adoption in the real world once the numbers are scaled up. A 1% false positive rate may be acceptable in a lab test of 100 people, but it’s not so great when rolled out to an airport that sees hundreds of thousands of travellers every year.
A more common form of failure online is human error. We’re expected to keep track of a vast range of usernames and passwords, each with their own restrictions on length and character set, while being advised not to reuse them across different sites (which is good advice, though). No wonder people forget them — and then have to deal with the inane password reset questions that this comic seeks to ridicule.
My advice is to use a password locker of some sort. Something like LastPass or KeePass – or even just putting them into files encrypted with GNU Privacy Guard or similar. That way you can use strong, unique passwords, but you only have to remember a single master password. Just make sure you don’t skimp on the strength of that master password, otherwise it’s just the equivalent of securing Fort Knox with a small padlock.
The other inspiration for this strip is Microsoft Windows. I frequently have to fix computers, change their hardware or reinstall Windows. Which also means that I frequently have to deal with Microsoft’s stupidly long product keys, typically printed in barely legible type on a sticker that’s been put upside down on the back of a PC sitting under a desk. All so I can prove that the authentic copy of Windows I’m trying to use is actually… well… authentic.
Give me Linux any day — at least I can copy and move that with impunity.
Cette bande dessinée est aussi disponible en français
This comic is also available in French
Click here to download the SVG source for this comic
G2: These voice activated weapons of yours seem very impressive…
…but what happens in the heat of battle if the gun doesn't recognise your voice?
G1: Well, of course, we have considered that issue, and have included a backup authentication system to accommodate it
[Two greys shooting at each other. One of them stops shooting and his gun starts speaking to him]
G3: PEW—PEW—PEW
G4: PEW-PEW-PE… What the…?
Gun: Voice not recognised. Switching to alternative authentication method…
Please tell me your mother's maiden name
Gun: What was the name of your last school?
Who was your best friend at school?
What was the name of your first pet?
Where were you born?
Gun: Please enter the 25-digit serial number from the bottom of your weapon…
Unable to contact authentication server. Retrying…
Could not contact server… transferring you to a customer services representative…
[Grey is dead on the floor, shot by his opponent]
Gun: Hi there! My name's Steve and I'll be your authentication operative today…
Please tell me characters 1 and 73 of your passphrase
Sir? Sir?! Can you hear me?
Damn! That's the fourth one this week!
Our comics are released under a 
... which requires suitable attribution if you use them...
... and doesn't allow commercial use...
... and requires any derivative works to be released under the same licence.
This symbol indicates an SVG file that you can download and use under this licence
Discussion ¬