[Dshield] Web Site Authentication

Family Beistle beistle_jr at hotmail.com
Tue Jan 30 19:30:00 GMT 2007


http://www.gao.gov/archive/2000/he00120t.pdf  violations aside consider also for those IT gurus the use of SSN like number formats whether actually real ssn or arbitrary numbers will make your data structures of greater interests to those who would be willing to enter your networks illegally or legally. It is it would seem to be a poor practice though even the Federal Government IT applications have also used this approach over the past many (5 or more)decades.
 
I would strongly advise other means to assist user client logins to use some other method of ident strings that are not tied to the ssn field itself. This would also protect you from other legal concerns should your data files be compromised or made public.
 
Just a Dinosaur's Thought on an old delimae of adminstrations privacy and access.
 
Liam Case
TeamAmberAlert Dev



> Date: Tue, 30 Jan 2007 09:24:55 -0500
_________________________________________________________________
Personalize your Live.com homepage with the news, weather, and photos you care about.
http://www.live.com/getstarted.aspx?icid=T001MSN30A0701


More information about the list mailing list