Dear User,

As you may know, bad actors recently used social engineering, phishing, spoofing, scraping, whaling, spelunking, and advanced dark web stuff to break into approximately 9,271 user accounts and access their private information.

Although this is fewer than 1% of our users, it is unacceptable.

Clearly, our existing 2-factor authentication (2FA) is far too weak. That's why we're upping the ante with 9-factor authentication (9FA).

What is that? Great question.

9-factor authentication supplements your primary password with eight other hard-to-guess items that foil bad actors. We have chosen these additional factors in advance, just for you, so that no hacker can ever impersonate you.

To use 9FA, simply enter your password, then type, speak, and show picture and video evidence to your camera that proves, with complete certainty, that you possess all identity factors:

  • A photograph of your face, neutral expression, studio lighting.
  • Your social security number divided by the number of months you have been using our app.
  • Another photograph, with your best silly goose face, dim barroom lighting.
  • Your favorite sentence from James Joyce's Ulysses, which we have deduced from your user preferences using our AI.
  • A photo of your most niche tableware piece that a hacker would never think of — e.g. a ceramic cat mug that says, "I'm Highly Catfeinated."
  • An audio recording of your favorite chord from the opening of "Praise You" by Fatboy Slim, which you must play on a real Casio keyboard.
  • A 90-second video of your best sensual Bachata dance moves, including at least one slow body roll, a Madrid step, and a lingering cambré that sends shivers up our spines.
  • An audio recorded persuasive monologue of the one thing a hacker would never agree to: that human rights must be universal, otherwise they cannot exist.

You have nine seconds to enter each factor or you will be LOCKED OUT.

If you play a piano chord from the wrong Fatboy Slim song, you will be LOCKED OUT.

If you cannot present a logical argument for universal human rights, you will be LOCKED OUT.

If you use the wrong dance moves — e.g. Dominican bachata or Salsa On2 or Lindy Hop, etc. — you will be LOCKED OUT.

If you enter a sentence from your favorite William Faulkner novel — aka the poor man's James Joyce — that will be treated as a password reset request.

No exceptions.

As soon as you pass 9FA, voilà! We will call you on the phone, for the tenth and final security check, and ask, "Is it really you?" To which you will answer:

"Yes, it's me. It's Bryan. The one and only. Who else would it be?"

You must say this phrase verbatim, except for the name "Bryan" which you should substitute with your actual name, unless your name is Bryan in which case don't change a thing.

After passing voice verification, you will be 100% logged in and able to view and redeem your rewards, including free coffees, donuts, croissant stuffers, snackin' bacon bagel minis, and other 'lil treats.

We thank you for using Dunkin' Rewards, now the world's most secure rewards program.

Also, because we keep getting questions: The hackers that broke into the accounts last month were not able to steal any rewards points, however they were able to access the total number of MUNCHKINS treats you have consumed in the last year.

But thanks to nine-factor authentication, this will never happen again!

Team Dunkin'

Upgrade Your Humor

Get my Ultimate Humor Writing Cheat Sheet: my tips and tricks for writing and publishing humor in The New Yorker, McSweeney's, and Slackjaw.

See my projects at alexbaia.com