[Dshield] Web Site Authentication
beistle_jr at hotmail.com
Tue Jan 30 19:30:00 GMT 2007
http://www.gao.gov/archive/2000/he00120t.pdf violations aside consider also for those IT gurus the use of SSN like number formats whether actually real ssn or arbitrary numbers will make your data structures of greater interests to those who would be willing to enter your networks illegally or legally. It is it would seem to be a poor practice though even the Federal Government IT applications have also used this approach over the past many (5 or more)decades.
I would strongly advise other means to assist user client logins to use some other method of ident strings that are not tied to the ssn field itself. This would also protect you from other legal concerns should your data files be compromised or made public.
Just a Dinosaur's Thought on an old delimae of adminstrations privacy and access.
> Date: Tue, 30 Jan 2007 09:24:55 -0500
Personalize your Live.com homepage with the news, weather, and photos you care about.
More information about the list