> Relying on it is not the problem. Treating it (or "date of birth" or "mother's... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		doktrin on June 12, 2017 \| parent \| context \| favorite \| on: Hackers Are Hijacking Phone Numbers and Breaking i... > Relying on it is not the problem. Treating it (or "date of birth" or "mother's maiden name") as a secret for use in authentication is a big problem. I honestly don't see how you didn't just restate what I said with different language, while simultaneously saying you disagree with me. Either way, I agree, and don't really think this is worth a cyber-argument so not sure if I should even be responding. Oh well.

PeterisP on June 12, 2017 [–]

It would be just fine to rely on SSN as an identifier, even to a much larger scale as USA does now, if only it would be clearly assumed that this number isn't secret.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact