Hacker News new | ask | show | jobs
by jonreem 2991 days ago
Who in the world thought this was a good idea!? I can hardly think of a less secure way to ask security questions. You should name and shame; there’s a minimum bar everyone should uphold and this is far below it.
3 comments
ggg9990 2991 days ago
The problem they were trying to solve is someone typing in “Woodbridge Lane” as the answer and then later typing “Wood Bridge” or “Woodbridge Ln” or “Woodbridge Ln.” when prompted.

This was the wrong solution.

link
maaark 2990 days ago
The real problem is that "security questions" are bad security.
link
Double_a_92 2991 days ago
Because calculating a Levenshtein distance is to complicated...
link
suprfnk 2990 days ago
Still rather unsafe, right? "Cambridge" would be closer to "Woodbridge" than "Woodbridge Lane".
link
ggg9990 2990 days ago
But randomly guessing Cambridge is not that likely. A bit of a pointless exercise though since security questions are dumb.
link
theseatoms 2991 days ago
Someone who had no skin in the game.
link
nkrisc 2990 days ago
If my bank had such weak security I wouldn't want to tell the internet where I bank.
link