Pat
Follow

-
I just called a major, well known corporation on the phone and the automated system asked me to key-in my web password to get to customer support.

Key-in my password. In the clear. On the phone.

Anyone see an issue with that?

· · 3 · 0 · 5
NotHelpfulUntilIAm🥤 🌛 🗄️

@Pat Might as well consider your web account public

1
Pat

@admitsWrongIfProven

Keying-in the password on the keypad of a phone wouldn't give a listener the exact password because each letter could be one of three, plus upper/lower case, but it would make a brute-force attack a trivial matter.

1
NotHelpfulUntilIAm🥤 🌛 🗄️

@Pat I thought more of the ramifications of such bad policy. Who acts like this probably does more stupid things.

1
Pat

@admitsWrongIfProven

>" I thought more of the ramifications of such bad policy. Who acts like this probably does more stupid things."

I'm seriously considering moving my business to another company because of this.

1
NotHelpfulUntilIAm🥤 🌛 🗄️

@Pat Best of luck with that. In my experience there is what one could call a race to the bottom or, from another angle, quality-fixing (analog to price fixing).

0
Ghost0x0

@Pat bad mojo

0
Sean

@Pat my favorite is when your already on the phone with them and they ask you for a phone number they can text a verification code to. 🤦‍♂️

1
Louis Ingenthron

@sdm350 @Pat That one... actually kind of makes sense. That's a check to make sure you own the actual number and aren't just spoofing their caller ID.
But they should already know the number to text the code to if you're an existing customer.

1
Sean

@LouisIngenthron @Pat precisely, they should use a known number. Ive used a new number before and they had no issue.

0
Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…