Passwords and Muscle Memory

Yesterday I was unable to login to one of my (personal, not work) computers because I had forgotten my password.

It’s the same password I use on all my personal machines, and I think it’s been my password since the earliest Mac OS X public betas. (Possibly not wise, sure, but at least I never used it anywhere else.)

I was at work when this happened (where I have a personal computer mainly for playing music and podcasts). I figured that maybe my muscle memory would kick in once I got home and back to my normal context. (It did. Whew!)

But that still meant a few hours where I wasn’t sure if I’d be able to login to my personal computers. Which is definitely a scary thing. Even though important things are backed up elsewhere (NetNewsWire’s code is on GitHub, for instance), it’s still scary.

* * *

Why bring this up? It’s because this situation snuck up on me, and it could sneak up on you too.

What I realized is that — probably for many years — I didn’t actually know my password. I couldn’t have told you what it is. I just relied on my fingers to know it. And since it always worked, I never thought to question it.

And then, one day at random, my fingers failed. And the more I tried to figure it out — trying things that seemed likely — the more I worried I was fuzzing my muscle memory.

(Luckily that wasn’t true.)

Once I did get logged in, I decided to take some important steps. I changed my password to a passphrase (it had been gibberish), and I’ve saved two copies elsewhere (securely but retrievably).

So here’s my advice: check to see if you actually know your password, because you just might not. And, even if you do, make sure you have a way to get back into your computer in case you forget it.

Don’t trust your fingers!