« Going one-numbered, while still tinkering with tons of gadgets | Main | How to use an old Mac laptop as a passable external display for a new one »

More bad security: Dumb security questions

I recently created a new account for company whose service is a hybrid of web-era scalability and accessibility combined with metered, nearly-instant access to a physical product... in other words, a site which it's important that my account not be easily compromised, because someone somewhere could run up a bill for services I didn't personally get to use.

During the signup process, I got to the now-standard "Security Question" phase (though, they oddly call it a "Secret" question, even though they'll show it to anyone who pretends to be you having lost your password), and was amused to see this option. Here's what I saw:

Security Question

Yes, they're asking a question for which there are only 50 legitemate answers, for which many individual's friends will have a good chance at guessing correctly .... and then they go one step further, and exclude 3 of the states (Ohio, Iowa and Utah are not 5 characters long).

Fwew. Thanks goodness Ohio (sure to trivially show up, in my case, on an appropriate web search) wasn't long enough, or I might've fallen for it! :)

Technorati Tags:

Post a comment

Verification (needed to reduce spam):