|
|
|
|
|
|
by downer61
2988 days ago
|
|
|
Hashing a salted string of "an answer" usually works. Phone operators try to ask you the question, though, and you sit there for five minutes reading off hundreds of characters, and everyone is suddenly having a bad day, which I find hilarious. The people that expect you to maintain retardedly formatted passwords with stupid character mixtures, and expiration/re-use rules are obstacles, and I like making them as miserable as they make me. The obvious corollary though, is that there really are organizations with systems that using publicly available information about, mixed with misinformation to see if you can discern an "accurate-ish" (which is sometimes not correct at all, even if you know what they think the correct answer is), and they don't even give you options about what public information they're going to select, to verify your identity. It's usually a brief questionnaire about previous addresses, associated last names, states you paid your taxes in, and it deeps the impression that there are simply gaping, flawed security gaps at the core of everyone's financial factoids, because it's also sourced from poorly conceived paper-based bureaucratic files that never had any hope of being accurate from the outset. |
|
|
The person on the other end of the phone had nothing to do with it.