Monday, December 3, 2007

Magazines & Passwords (Provoking the Opposite)

Last month (November) I received renewal notices for two magazines I enjoy and to which I intend to keep my subscriptions. What drives me nuts is that the subscriptions are good until May in one case and July in the other!

Why do they do that? Do they think we won't notice that the renewal offer is 6-8 months early? Do they think we'll just say "yes" to every notice that arrives, and with any luck they'll have us signed up for 5 or 6 years before we notice anything?

Well, guess what? Being a person of discernment and taste (and who else would subscribe to such fine rags), I do notice! And I think it's pretty silly to renew in November for a subscription that's good until next July! So, behaving as a rational person, I ignore the renewal offer. When the next one comes, I ignore that one, too. In fact, I'll probably keep ignoring renewal offers until it finally dawns on me that the magazine has stopped coming! That's when I'll renew, maybe after missing 2 or 3 issues. This seems a perfectly rational way to deal with the problem. I imagine the magazine would rather have me as a continuous and uninterrupted subscriber, yet by "reminding" me too often and too early, they provoke the opposite outcome.

This reminds me of the problem with changing passwords. Online companies let you set a user name and password and leave it unchanged for years, but the IT departments of most companies insist that employees change their passwords every 2 or 3 months, ostensibly in the interest of better security.

Changing your password every 3 months sounds good in theory -- if you have only one account in the world. But what if you live in the real world? In that case, you probably have 50-100 accounts, each with its own password and user name. You can make this plenitude of accounts less onerous by using the same name and password for multiple accounts. But if your IT department insists that you change passwords every 3 months, how do you keep track of them? Most people write them down -- in a file on the computer or PDA, on a white board, or on post-it notes displayed prominently on the monitor for any and all to see.

With so many passwords to remember, this is a perfectly rational way of coping with the changing-password demand. Of course, it must also be admitted that it has the opposite effect of the intended purpose. Rather than improving security, forcing users to change passwords makes security weaker, since everyone has to find some coping mechanism for dealing with the short expiration. Under the flag of strengthening security, this practice actually weakens it.