dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
6046
share rss forum feed


Cheese
Premium
join:2003-10-26
Naples, FL
kudos:1
reply to Name Game

Re: Secret Security Questions Are a Joke

such a beautiful cat!


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

1 recommendation

reply to DrDrew

That customer code on the bill is NOT my pin number. Plus, Oceanic has a sign now (where the line starts) when you go into pay your bill that you need to know your pin number because the CSR will ask for it (although they don't ask me for it...but then they all know me). That is the same as with my bank and the security question. The bank asks for it when you are there IN PERSON. Photo ID is not acceptable by itself. PIN must be supplied at the bank and (according to their new sign) at Oceanic customer service desk. Your PIN for Oceanic is 4 numbers but not what is on your bill. Your PIN wouldn't be on your bill for anyone who had access to your bill to see. Besides, your pin would be chosen by you not assigned by Oceanic which is how that customer code is arrived at...it is assigned by Oceanic.

That Customer code is for those who have TWC phone service which I do not have. The FCC regulation of CPNI applies to phone service not to internet service. So, I still don't know why SOMETIMES Oceanic has asked for my pin when I have called about a Road Runner problem. I don't get the point of the FCC's requirement if it also applies to something like internet service. You can change your internet service via email and no pin number is asked for. Seems to me the FCC regulation is to protect from outside parties getting access to the phone calls you have made. Another reason to keep a landline (with unpublished and unlisted number even though the monthly fee for that has more than doubled starting next month). Bundling things is never a good idea privacy wise.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson



Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
reply to Snowy

Click for full size
said by Snowy:

said by dave:

And of calling the email provider to reset my password because Site A was the 10th site I've been changing my password on today, and all those wrong-password probes from Sites ABCDEFGHIJ have locked out my email account.

We are talking about security/account hijacking.
Looks good to me.

Friend of mine was going to do that last week..but alas we lost him...was a good man..we all knew him well He did give me the answers to all his security question.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable

said by Name Game:

He did give me the answers to all his security question.

He messed with your head till the end, goodhearted trooper that he was.
Here's the answers to 3 of my security questions that I can recall.
1. Alice
2. Rust
3. nowayjose


norwegian
Premium
join:2005-02-15
Outback

1 recommendation

Post your passwords to facebook, they should be safe there for when you forget - even list the site they are for in categories.

/sarcasm



Burntone

@rr.com
reply to antdude

You should NEVER make the answers to security questions "real" or true.

Some sites allow you to create your own question, make sure the answer doesn't make any sense related to the question.

Hey we still have people that use the same password for everything, enter all their personal information responding to an email from their "Bank", and give their bank information so their "winnings" can be deposited into their account .


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

Why not answer them truthfully? No one would know my mother's maiden name or my father's astrological sun sign, etc. Maybe for you tons of people know your mother's maiden name and your father's astrological sun sign but that doesn't mean this would necessarily be true for other folks. Common sense needs to be applied by each person answering security questions. It is not a blanket deal.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS

1 recommendation

I feel fairly safe since I didn't grow up in this country and am not famous, so the average hacker would have a hard time finding out where I went to 'high school', or even if I ever went to anything called a high school.

The only risk is that the pool of possible questions seems a little small, so the 'high school' question is apt to show up on multiple sites; it's therefore got the same risk factor as username-and-password reuse.



AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1
reply to Kilroy

said by Kilroy:

I don't have a better solution, other than don't forget/lose your password.

Lose you password, go to a local agent (bestbuy, apple store, dell store) and show your state issued photo ID or passport.

Edit: actually a local bank would probably do nicely as "local id agent".
--
--Standard disclaimers apply.--
The preceding posting is null and void in Arizona and any other jurisdiction where prohibited by law.