Educause Security Discussion mailing list archives

Re: Self-Service Password Reset Practices

From: John Kristoff <jtk () NORTHWESTERN EDU>
Date: Thu, 28 Jul 2005 09:33:35 -0500

On Mon, 25 Jul 2005 15:23:38 -0400
"clementz.7" <clementz.7 () OSU EDU> wrote:

Instead of the whole ssn number we just use the last four.


That is only a slight improvement.  Since SSNs are assigned based on
the state of issuance and the first 3 digits refer to that state (with
some states having only a single 3 digit value) the last 4 digits may
still be useful to an identity thief.

John

Current thread:

Self-Service Password Reset Practices Russ Wade (Jul 25)
- <Possible follow-ups>
- Re: Self-Service Password Reset Practices Lucas, Bryan (Jul 25)
- Re: Self-Service Password Reset Practices Chad McDonald (Jul 25)
- Re: Self-Service Password Reset Practices clementz.7 (Jul 25)
- Re: Self-Service Password Reset Practices Cal Frye (Jul 25)
- Re: Self-Service Password Reset Practices Gary Dobbins (Jul 26)
- Re: Self-Service Password Reset Practices John Kristoff (Jul 28)
- Re: Self-Service Password Reset Practices Scott Fendley (Jul 28)