Why I don’t want to know your password

I’ve realized that over the course of my career I’ve had to cultivate a professional disinterest about some things.  You might even call it “learned blindness” – when I am helping people with a computer problem, I’ve developed a practice of not seeing certain things.

One of the things that I don’t see – nor do I want to hear – are passwords.  They are other people’s secrets, like that spreadsheet the CFO has with everyone’s salary info.  (I’ve actually had to help someone with a spreadsheet like that, twice in my career.)  I don’t want to see that information – it’s the definition of “not any of my business”.

It sounds funny when I tell people that I don’t want to know their passwords… they trust me, after all, or they don’t think their password is very important.  Or maybe they share it with others anyway.  The best analogy that I have to explain this is that passwords are like gossip: people listen to gossip because they are curious about others’ secrets.

In most roles I’ve had, I possessed the master key to all of my organization’s data – I could, if I were “curious”, look at anyone’s email, access any of their files (sure, there’s computer code, but there are also pictures), or even eavesdrop on their phone conversations or web browsing.  In fact, because I’ve had responsibilities for monitoring email and phone systems, I see “traffic” – not the contents of email messages, but as I’m watching the logs I see the senders and receivers of calls and emails.

If you think about it, I can’t be curious about the data under my control because it undermines the trust that my colleagues have in me to protect it.  Being exposed to information that I have no need of is like being exposed to gossip – the only way to really be above gossip is to not listen, to refuse to be present when people are talking.

To even discern whether something supposedly “secret” is also “sensitive” means that I’m already hearing it.  So, that’s why I have a blanket policy of not wanting to be told secrets – like passwords – that I don’t have a need to know; because I might have the “ability” to find out, I want to train myself to not be interested.

One more thing: systems should be engineered so that secrets are minimized or securely shared.  For example, most applications that require a password store only a one-way hash of it rather than the password itself (this is often loosely called “encryption”) – all that system can do is take an input and reply whether it matches the stored password or not. When you’re talking to someone who is an administrator, they can’t tell you what your password is – though they can change it for you, or change it themselves and then access your data.  But they can’t then change it back to what it was beforehand, so these actions are detectable.  I try to architect processes so that I don’t collect data that I don’t need – like authentication credentials.
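The property described above (the system can only answer “does this input match?”, and an administrator can reset a password but not recover or restore the old one) is easy to show in code. The following is an added example, not code from the original post; the record layout, the `set_password`/`verify`/`admin_reset` names and the PBKDF2 work factor are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass

# Assumption for this example: PBKDF2-HMAC-SHA256 with a work factor in the
# range commonly recommended today. A production system would usually pick
# a dedicated password hash (argon2, scrypt, bcrypt); the point here is only
# that the stored record never contains the password.
ITERATIONS = 600_000


@dataclass
class StoredCredential:
    """What the application keeps: a random salt and a one-way digest."""
    salt: bytes
    digest: bytes
    iterations: int


def derive(password: str, salt: bytes, iterations: int) -> bytes:
    """One-way derivation: from password to digest, never the reverse."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def set_password(password: str) -> StoredCredential:
    """Create a fresh salted record; the plaintext is discarded on return."""
    salt = os.urandom(16)
    return StoredCredential(salt, derive(password, salt, ITERATIONS), ITERATIONS)


def verify(cred: StoredCredential, attempt: str) -> bool:
    """The only question the system can answer: does this attempt match?"""
    candidate = derive(attempt, cred.salt, cred.iterations)
    # Constant-time comparison so timing does not leak how close the guess is.
    return hmac.compare_digest(cred.digest, candidate)


def admin_reset(cred: StoredCredential) -> tuple[StoredCredential, str]:
    """An administrator can replace the record with a new temporary password.

    They never learn the old password: the old record gives them no way to
    compute it, so the change cannot be undone by restoring the original.
    """
    temporary = secrets.token_urlsafe(12)
    return set_password(temporary), temporary


def reset_is_detectable(before: StoredCredential, after: StoredCredential) -> bool:
    """A reset always rewrites salt and digest, so it leaves a visible trace."""
    return before.salt != after.salt or before.digest != after.digest


if __name__ == "__main__":
    # Constructed sample: a user picks a password, then an admin resets it.
    record = set_password("correct horse battery staple")
    print("user login works:", verify(record, "correct horse battery staple"))
    print("wrong password:", verify(record, "Tr0ub4dor&3"))

    new_record, temp_password = admin_reset(record)
    print("temporary password works:", verify(new_record, temp_password))
    print("old password still works:", verify(new_record, "correct horse battery staple"))
    print("reset left a trace:", reset_is_detectable(record, new_record))
```

Note that `admin_reset` receives the old record and still cannot produce the old password: everything the administrator can do shows up as a changed record, which is exactly why the author says such actions are detectable.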

It’s great that people trust me – even people who don’t like me very much trust my standards.  But discretion – keeping confidences – starts by not knowing them.
