Website passwords are becoming more of a problem, as more of us use a wider number of sites to conduct our daily business transactions. The issue is that the security filters to recover lost passwords are seriously broken, and are biased towards people that frequently return to sites. But think about it. The more often you visit a site, the more likely you are using (hence remembering) the password. The very users that password recovery systems are supposed to help are left in the cold. People’s electronic lives aren’t static, and the password recovery programs can’t keep up as we move about the physical world, change e-mail addresses, and forget which piece of critical data will be used to authenticate our electronic personas.
Consider this situation from one of my correspondents, an experienced computer scientist. She was recently asked to login with her username and password and couldn’t remember either when she went to buy something at eBay.