On Saturday I witnessed a bit of unintended comedy. While I was helping our neighbor, Cy, set up his DSL connection he went through one of those standard setup questionaires: name, password, etc, and of course the very popular secret question. This form gave a fairly long but mundane set of potential secret questions. I am going to skip the discussion about how secret questions tend to not be all that secret, it is too easy of a target.
Cy decided to use the secret question "What was your mother's maiden name?", then he proceeded to type in the four letter family name from his mother's family. Upon clicking the "Next" button, an error message explained "Your Secret Answer must be 6 or more digits".
I started chuckling immediately. Fortunately Cy was able to find another secret question with an answer that was long enough. However, if his first pet was named Rex, and his first job was as a cook (or chef), and the first street he lived on was Oak, etc then it could have been a big problem! I understand making passwords be of a certain length, but when you answer a question, you do not have control over the length.
This could be the jumping off point for a whole discussion of identity: how broken the system (or lack thereof) is, but I would prefer to leave it for today at the simple point that requiring a certain length answer to a question is just plain dumb... uh, silly... wait, idiotic...
Subscribe to:
Post Comments (Atom)
1 comment:
Thanks for the blog article.Much thanks again. Fantastic.
MySql Admin training
MYSQL online training
MYSQL training
OBIEE online training
OBIEE training
Oracle 11g rac online training
Oracle 11g rac training
Oracle Access Manager online training
Oracle Access Manager training
Post a Comment