Why Are Web Login Security Procedures So #$*&!% Dumb And Obnoxious?

This article is more than 8 years old.

It is a common enough experience: you can’t get into a website. It happened to me today at a site for a toll road I sometimes use. I had registered a couple of years ago so that, by having my license plate read electronically, I could fly through and have the tolls automatically deducted from my credit card.

Today I noticed something odd with my monthly statement, so I needed to check what was going on. Although I had not logged in for several months, I assumed it would be a breeze: all that was needed was my user ID, my password, and my car license plate. The toll company’s dingbat computer, however, kept saying -- in the vaguest possible terms -- that the login information I was keying in was incorrect. An hour later I was still trying various permutations and combinations of my user ID and password. I eventually raised the company on the phone (no easy task as the phone number, in a tiny font, was hidden in an out-of-the-way part of the site). Once I was through to a live human being, the mystery was quickly resolved. The problem was not with either my user ID or my password but rather with my license plate. I had forgotten I had not updated the site for my new car, which I bought last spring. The site therefore still had me as the owner of my previous car.

Here’s the point: if I had been told at the outset that the license plate was the issue, I would immediately have wised up. Why couldn’t the website have been more helpful? The answer evidently is that the fussbudgets who designed it were concerned more with security than with user friendliness. But why? I can understand that sometimes ultra-tight security is necessary. Los Alamos National Laboratories comes to mind. But a road toll company is not a nuclear arsenal. Who would want to impersonate a road toll company's customers? And what would they hope to gain? Even if someone were to acquire all my login details (a tall order even if the site was frank about which of my login details was wrong), the downside from misuse of my account would be minimal: I suppose it is just possible that some cash-strapped commuter might want to bill my credit card for his tolls. But the odds are against it and in any case the system surely has safeguards (such as digital reading of each car's license plate as it passes through the toll gates) to pick up such abuse.

Isn’t it past time website designers got things in proportion? They should be held to an old-fashioned, pre-digital standard: common sense.
