Tuesday, January 24, 2012

Password Change

Krishna's lotus feet“To surpass the influence of the illusory energy is very difficult, but those who are determined to catch hold of the lotus feet of the Lord are freed from the clutches of maya.” (Shrila Prabhupada, Chaitanya Charitamrita, Adi 3.89 Purport)

As if we are Pavlov’s dog requiring specific training to follow certain actions, repeatedly taking the wrong tact and seeing the negative response is required before we can actually change our behavior. If it weren’t for the negative reactions and our dislike for them, the pattern of behavior would never change. And the change is necessary in order for a higher purpose to be fulfilled. In the absence of the change we’re just wasting time torturing ourselves. The repetitive pattern actually can teach us a lot about the makeup of the world, how the Supreme Controller has perfectly arranged everything for our benefit and how we can use objects around us to further the highest end.

While it’s nice to ponder these concepts theoretically, a practical example is more helpful. Staying in tune with the modern times, the password change suffices, especially that instituted by the managers of an IT infrastructure. If you work in an office these days, you are likely using a computer. A computer uses a system that requires authentication; otherwise any person could sit at your desk and pretend to be you. With authentication comes the ability to track performance and progress, to see if the person sitting at the desk is actually doing the work assigned to them.

computerIn a computing environment, it is common to have sensitive data, information that not just anyone should have access to. Hence to facilitate the authentication and data protection requirements, each end-user is assigned a login and password combination. The password is where things get tricky. It is specific to each person and it is so sensitive that under an ideal setup, the system itself won’t know what your password is. Should you happen to forget it, the system will allow you to create a new one, which is stored internally with some sort of hash applied to the original characters. If your password is say “Krishna”, the system will perform a hash function to the characters in the word and maybe store the password as a bunch of unrelated characters.

There is no explicit way to retrieve the crypted password, for the hash function operates only on input. Therefore the only way to get the password is to repeatedly make attempts into the hash function to see if what you entered matches what is stored in the system. Bearing this in mind, a properly implemented system will place a limit on the number of login attempts that you can make. Otherwise one could easily perform what is known as a “dictionary” attack, wherein an automated system tries many combinations of letters and numbers until a correct login is made.

In addition to the limit on the number of failed login attempts, there are specific requirements for what a password can be. In ideal setups, this policy is implemented across the system, which means that even the highest person managing the company has to follow the rules and regulations. Your password likely has to have characters, both upper and lower case, and numbers. The password must also be a minimum length, for the longer the password, the more difficult it is to break or guess.

Here comes the kicker. This last requirement is probably the most annoying for the user. In addition to the length and character requirements, the password must be changed periodically, perhaps every month. This shouldn’t be too difficult, right? Have two passwords that you normally use and just rotate them every month? Ah, but the system is one step ahead of you. You cannot reuse any password that you have used recently. Therefore you really have to come up with a unique password each month, something which you may not even remember so quickly.

This rule is helpful for obvious reasons. Say that you decide to give your login credentials to a friend one time because you’re not at your computer, or perhaps you wrote down your password somewhere on a note placed on your desk. The biggest issue with having secrets is keeping them secret. This especially applies to the password, which is the secret of secrets. Should someone get ahold of your password and have nefarious motives, they could do a lot of damage to the system. The longer that secret stays valid, the greater the chances of a security breach. With the requirement for periodic change, if someone should happen to find your password, they only have a short time to use it, which greatly limits the chances of a violation occurring.

For the end user sitting at the computer regularly, authenticating all the time, the password change every month is beyond annoying. Why is this? If you can touch type - that is type without looking at the keys on the keyboard - the entering in of the password essentially turns into a muscle memory operation. You can likely type your password faster than you can verbalize it. If you had to write down your password, you might have difficulty, for it is your fingers that have memorized it more than your mind. Now that you have a changed password, the next time you go to authenticate, you will surely first enter the most recent password that just expired.

The immediate reaction to this behavior will be an invalid password warning flashing up on the screen. Since the password is so long and the characters masked on the screen, you try to enter it again really quickly, only to have the same message come up. Now the pressure is on. You have one more attempt to log into your account before you are locked out for having reached the failed account login threshold. This time you carefully type the letters, remaining conscious of the keys you are pressing. Whew! You made it. You can now use your computer with your login. You weren’t doing anything wrong before, but somehow the machine treated you like a criminal.

What’s probably more annoying is that you have to follow the same tact repeatedly, at least for a day or two, before your muscles get used to the new password. If not for the stern warnings and the fear of having your account locked out, you would never change your behavior to account for the new password. In this sense the warnings train you, sort of like shock treatments. As if you were a dog that was learning how to relieve himself at the proper time, the machine, for your own safety, to protect your data and identity, trains you every month to use a new password.

“Unseen and indefinite are the good and bad reactions of fruitive work. And without taking action, the desired fruits of such work cannot manifest.” (Lakshmana speaking to Lord Rama, Valmiki Ramayana, Aranya Kand, 66.17)

Lakshmana and RamaWhat does this mean in the grand scheme of things? The entire world is filled with smaller and larger versions of the interaction with the authentication system on the computer. For every action there is a reaction. This is how karma, or fruitive activity, works. As Shri Lakshmana so nicely states in the Ramayana, there are both good and bad reactions to work, pious and sinful activity, and the results are not always immediately seen. They may not remain manifest for long either. Nevertheless, for every reaction seen, there is an initial cause, some work which was applied.

Knowing this information is only helpful if we can use it to change our behavior. We should follow actions that will effect changes that are worthwhile. At the same time, we should avoid behaviors that produce negative reactions. Ah, but here is where things get interesting. How will we know which reactions are bad? How will we know which consequences are worth avoiding?

The easiest way is to accept the information from authority figures, those who learned the relevant truths through either their own experience or through the words of wisdom passed down from previous authority figures. Our parents can tell us during childhood to not place our hand in a fire. At such a young age, we have no clue what fire is or that it will burn our hand, so if we follow the advice of our parents, we acquire perfect knowledge of something to avoid. The other option is to try it out ourselves, to feel the sting and then hopefully have it register that the same reaction will occur again and again, each and every single time the same action is repeated.

The latter option is the more painful one, as there is no guarantee of how quickly the proper knowledge will be acquired. For the larger picture, the entire duration of existence within a human body, the Vedas, the scriptural tradition of India, provide information about which activities to avoid and how they relate to the ultimate mission in life. Of the harmful activities, the most sinful, or detrimental towards the achievement of the end goal, are meat eating, gambling, intoxication and illicit sex.

Not to be misunderstood as restrictions meant to punish us or keep us from having fun, the negative reactions from these behaviors are visible even if we should ignore the warnings of the Vedas and the people who teach Vedic wisdom to others. Meat eating is harmful not only because of the detrimental health effects, but also because of the violence that goes into it. In a system of fairness, with no partiality applied by any governing agent, if one side is killed unnecessarily just for the satisfaction of taste buds which can be pleased through so many other areas, the same reaction must be imposed on the killer at some point in the future. In addition, through unnecessary violence, mankind loses his merciful attitude, his ability to harbor compassion. Killing innocent cows without discrimination makes it easy for man to kill innocent babies, confiscate wealth, and have an overall vindictive attitude towards their fellow brothers and sisters. This last attitude is the root cause of all strife in the world, and since it is a byproduct of a contaminated consciousness, we see that meat eating becomes one of the causes for wars and conflict.

rouletteThe harmful effects of gambling are quite obvious. The mind feverishly engages in games and wagers for hopefully winning sums of money that don’t provide any happiness at all. People’s lives can get ruined by gambling, as there are support groups to help those with gambling addictions. The same defect is present in intoxication, as the false escape from the senses brings tremendous negative effects on one’s health. Drunk driving is eliminated through abstention from consuming alcohol, as are so many other negative consequences.

Illicit sex brings the most lasting and visible negative effects. If sex urges driven by lust are not controlled, you can get attachments and burdens that you don’t expect. You also remain beholden to an urge that is easily satisfied in the lower species. The monkeys and dogs have sex life without discrimination, so how can imitating their behavior be worthwhile for a human being with advanced intelligence?

The negative reactions resulting from these sinful behaviors are actually a great blessing. Just as the warnings from the invalid entry of the password helped to change our behavior for the better, the harmful sequence of negative effects arriving from impious acts are meant to change the way that we act, to keep us on the straightened path. The Vedas reveal that the precious human form of body is meant for realizing God, the ultimate reservoir of pleasure. Every ritual, regulation, restriction, and recommendation is intended to further that highest aim.

The knowledge coming from Vedic teachings is necessary; otherwise man remains lost like the animals. Thankfully for us, there is one tool that is so powerful that it automatically carries with it sublime wisdom. It brings peace of mind at the same time, which helps steer us clear of the dangerous path of impiety. That tool is the chanting of the holy names, “Hare Krishna Hare Krishna, Krishna Krishna, Hare Hare, Hare Rama Hare Rama, Rama Rama, Hare Hare”. In this age where sin is taken to be piety, where the end-goal of life remains unknown, a positive action is required to teach the highest truths. Repeated negative consequences resulting from sinful behavior can help us gain knowledge of what to avoid, but even with that, the soul needs a constitutional engagement, an area to go where pleasure is found.

Lord Krishna's handThe holy name is that area, as it carries the forms, pastimes and qualities of the Supreme Personality, who is known as Krishna because of His sweetness. Krishna’s words spoken in the Bhagavad-gita are sweet, as are His dealings with the cowherd women of Vrindavana. Krishna’s portrait is sweet, with its peacock feather, beautiful smile, and flower garland. Krishna’s material energy can also be viewed as sweet, for she purposefully makes life here difficult so that the wise will find the loving embrace of Shri Krishna awaiting them in the next life, in the spiritual sky where no one requires training in their actions, as they are all driven by the most beneficial attachment to Shri Krishna’s service.

In Closing:

Every month or so password must change,

Has to be new, not within recent range.

Old password entered through memory of muscle,

But with change system gives user much trouble.

The fear of losing access a good thing,

Reason to change behavior it does bring.

In same way forces of nature teach,

That for higher purpose man should reach.

Don’t follow animals who satisfy with ease,

Opportunity for loving God fully seize.