Bringing people together:

  • Marc Hedlund: "Yahoo, you IDIOTS! WHAT are you thinking!? If you use birthdate as a means of password recovery, why would you put that information right on a user's home page? If it's supposed to be a shared secret, don't you think you ought to keep it secret?!"
  • Mikel Maron: "I wrote that feature."

Comments

Anyone who is relying on the security of their birthday is probably SOL regardless of which Web sites they use. All it would take is one disgruntled cousin and the next thing you know, the terrorists have won.

just to clarify ... i wrote the "happy birthday" thing, not the password recovery thing. nothing wrong with that -- people's birthdays are usually not a secret.

yes, birthday is not a good security measure. however password recovery requires answering the "secret question" as well.

Add a Comment

These HTML tags are permitted: <p>, <b>, <i>, <a>, and <blockquote>. A comment may not include more than three links. This site is protected by reCAPTCHA (for which the Google Privacy Policy and Terms of Service apply).