Websites Should Handle Accounts Better

I’m taking a break from a marathon of password changes. I use Lastpass¹ to manage my passwords. It stores my usernames and passwords and helps me generate new secure ones whenever I change my password or sign up for a new site. It also has a handy feature called the Lastpass Security Challenge which analyses your passwords (~740 odd in my case) and checks for duplicates, old passwords, and compromised passwords.

I’m pretty sure every single one of my passwords fell into one of those categories. Motivated by fear, I’ve been on a password changing frenzy. Lastpass is very good and for a number of sites automates the process. Unfortunately for me I hang around in some of the more obscure parts of the web and so have been changing passwords manually and in the process have a few complaints about websites and how they handle user accounts.

1. Why are there still websites that limit the length of your password? For some reason I have a fifa.com account (God knows why…) and I got very irate when it told me that my new passwords didn’t match – Lastpass autofilled both of them so I was confident they did match. The real issue was that my generated password was fourteen characters and contained a special character. What kind of website struggles with that?

2. Let me delete my account! The truth is I am a bit of an internet junkie. I’ll often sign up for a service and then stop using it. When I do, please let me delete my account. I don’t want my information hanging around on your mailing list forever.

3. Two-Factor Authentication is great, but do it well. For a few of my accounts I’ve enabled two factor authentication but my most frustrating password change experience so far was Origin which prompted me for a special access code three times across as many screens. Once I’ve given you my code once, please have a bit of common sense and let me edit passwords for the next half hour.