Bringing people together:
Anyone who is relying on the security of their birthday is probably SOL regardless of which Web sites they use. All it would take is one disgruntled cousin and the next thing you know, the terrorists have won.
just to clarify ... i wrote the "happy birthday" thing, not the password recovery thing. nothing wrong with that -- people's birthdays are usually not a secret.
yes, birthday is not a good security measure. however password recovery requires answering the "secret question" as well.