If you enter a password into a login box and your password disappears, look for it!
I’m serious, because it happened again today. Not to me, but to my colleague.
I received a work email that provided instructions for logging into a new, internal website. I was not able to log in, and neither was my co-worker in the next cube.
So I replied to the sender, saying that neither I nor my bud were able to log in. Was something wrong with the URL or the website?
The email bounced around to several people and I was copied on all of them.
Finally, one of my colleagues a few rows away forwarded the email back to me, stating that she was able to log in fine, and that I should call the help desk.
And that’s when I saw it.
In the email, right where the website URL was shown, was my colleague’s user ID and password. She obviously had clicked the URL, opened the website, and then accidentally made the email window active again. She probably looked away and then typed her ID, hit the TAB key, and then her password.
When her eyes returned to the screen, she didn’t see the website, so she clicked over to her browser and saw the empty login screen. And entered her credentials again, made sure the website was ok, and then returned to the email.
She scrolled from the URL in the email, up to the top, and then typed, “Mack, the website is OK. I was able to log in. Must be you. Call the help desk,” and sent me the email, totally unaware of what she did.
Why do I need to call the help desk? I had her ID, her password, and I know it worked, right?
But seriously, the next time you KNOW you typed your password, but it didn’t get entered on the login screen, please look for it. You probably typed it in another window.
Sometimes, when you type in the wrong place, no text is generated, but occasionally, it ends up elsewhere. So make sure you check all open windows to see where your password may have went.
Not too long ago, I was chatting with another auditor who accidentally typed her password into our chat session. Too many open windows have their disadvantages. My fellow auditor was more embarrassed by her weak password composition that the leak itself.
It happens. Just change your password real quick. And make sure you pick a decent one.
I write about passwords often. You might also like: