I used to work at a toy store in the mall. At the toy store we had to “punch-in” electronically by typing a username and password into a computer station. Like every job right? You also couldn’t risk anybody finding out your password, for reasons I’ve never understood. If someone wants to work their shift clocked in as me, so be it. So for whatever reason our passwords reset every 90 days.
One fateful evening I was clocking in for the overnight shift and I heard my co-worker (and to this day, very dear friend) Kevin laughing through his grin while mouthing his personal password under his breath. Like, he was actively trying to suppress his laughter. At first I didn’t hear him, so I asked if he could repeat himself.
Typed out “frognuts” of course. Then it hit me like a ton of adobe. I didn’t have to use a randomized letter/number combination for my password? My password didn’t have to be “spiderman” or “kittens689”?
I didn’t believe him at first. I still had some naiveté and believed that Corporate higher-ups (for a toy store) were monitoring my activity and would fire me over this sacrilege of their employee log-in system. Eventually, without much prying, my co-worker convinced me to follow suit and make inane passwords. This was an absolute revelation to me.
The very next opportunity the system allowed me to reset the password, I tried to change it to:
What the fuck?!
Then it dawned on me. Ten. Letter. Limit.
In the roughly seven years that have passed, every company that I’ve tried to systematically take down from the inside (worked at) has seen bizarre sex acts coupled with random nouns entered into their intranet gateways and proprietary sales systems as passwords. Including most recently at a certain retail giant that Shall-Not-Be-Named (schfmefstfmye). When the moment came to create a unique password, I paid homage to Kevin.