Comments on: With Online Passwords, Dishonesty Can Be the Best Policy

By: Tr.impending Doom | Technologizer

Tr.impending Doom | Technologizer — Mon, 10 Aug 2009 02:47:52 +0000

[...] what Twitter’s long-term URL-shortening strategy is–hey, are there any clues in those stolen documents?–but I hope it intends to start squeezing down its own URLs. For one thing, I have more faith [...]

By: Twitter Security Breach…A Reminder About Keeping Passwords Secure « A Geek Blog

Thu, 16 Jul 2009 15:52:05 +0000

[...] Here – http://technologizer.com/2009/07/15/with-online-passwords-dishonesty-can-be-the-best-policy/ [...]

By: Paul

Paul — Wed, 15 Jul 2009 17:43:54 +0000

For years, I’ve been grumbling out loud (and warning some people) about the practice of using birthdays as a security question. It’s the most easily obtainable piece of personal information. Websites, credit card companies, banks and other institutions use it for identification online or over the phone. Stupid.

Here in the Philippines, the term “middle name” does not refer to one’s second given name (unlike in the US). “Middle Name” usually refers to your mother’s maiden surname. So a lot of (not so private) legal documents, such as driver’s license, display your mother’s maiden name for all to see. And yet the same institutions I mentioned above insist on using it as a security question without regard to local naming conventions. Stupid.

By: Paul

Paul — Wed, 15 Jul 2009 17:43:33 +0000

For years, I’ve been grumbling out loud (and warning some people) about the practice of using birthdays as a security question. It’s the most easily obtainable piece of personal information, and yet, websites, credit card companies, banks and other institutions use it for identification online or over the phone. Stupid.

By: John Baxter

John Baxter — Wed, 15 Jul 2009 15:57:55 +0000

Unfortunately, banks like to collect mother’s maiden name. And then use it years later for online “security”. I’m not sure one can walk into one’s friendly local branch* and say “My mother is now a McGillicuddy, not a Benson.”

*I am fortunate to have two “friendly local branch” banking relationships. Out of two.

By: Peter

Peter — Wed, 15 Jul 2009 15:54:52 +0000

A really good idea and something I’ve been doing for years. I have a set of lies I tell companies that require me to set password reminders.

By: Pascal Cuoq

Pascal Cuoq — Wed, 15 Jul 2009 15:49:50 +0000

My secret question, when the website allows to choose it,
is either “So you forgot your password, you poor bastard?”
or “What is your password?”