At Their Mercy

Forgot password considered harmful

And they do! For example, at the St Nicholas Express Deli in New York City, I placed a few items on the counter and the clerk told me they would cost $5.60 (he didn't mention the 4% extra for paying with non-cash, but I knew about that from the poster). I gave him my card and he charged me $6.24. I didn't notice until I got home and read the receipt.

Here's the deli

At another grocery store in NYC (I'd name it but I don't remember), I was secretly charged an extra 5 cent "bottle deposit" which I had no idea about until I got home.

It's very common for price tags in grocery stores to just be mislabeled, although I assume this is usually unintentional. I also bought a loaf of bread that had a tag *on the loaf* saying $2.29 but in the checkout it was $2.69. That time I noticed it on the screen, but I was too exhausted to do anything about it.

We live at the mercy of every institution we interact with, and it's disgustingly undignified.

Solutions to many of these are easy to imagine and even to implement. Websites could allow you to provide a key to encrypt password reset emails (SourceHut does!), or to disable such emails. Online banking could have been designed such that you generate a one-time code that only allows withdrawing a certain amount and enter that in an online store. That would be a little more difficult to implement for in-person payments, but trivial for online payments. Cryptocurrency offers another solution to the money problems.

If we want a world where we don't have to live at the mercy of every institution we interact with, we need to do the same thing one has to do to enact any kind of large-scale change: every little thing we can. One step was writing this article. Another was writing my article on the problem with password reset emails, and then acting on it by giving my website the option to disable them (before removing the account system). There's a lot of things you can do too. One of them is sharing this article.


subscribe via RSS

Proxied content from gemini://yujiri.xyz/society/at-their-mercy.gmi

Gemini request details:

Original URL
Status code
text/gemini; lang=en
Proxied by

Be advised that no attempt was made to verify the remote SSL certificate.

What is Gemini?