The Underscore Archives

Joel Hughes wrote on Tuesday, December 04, 2007 6:48 PM

> > Yeah, why not ... go ahead.
> > Then maybe you'll be able to figure out my password from 3 random
characters
> > of a minimum of 8 ... because that's all it asks for.
> >
> > Heck I'll make it easier for you ... j, 7, D.
> >
> > Knock yourself out!
> >
> 
> This reminds me of how Natwest Online used to be (or maybe it still is).
> You had to supply 3 different sets of credentials; random this; 4th
> letter from that etc etc. By the time you actually got in you felt you
> had expended as much effort as someone hacking into the Pentagon.
> Exhausting.
> 
> ..for an eCommerce site this is suicide

I disagree (apart from the Natwest bit ... which is still the same btw).
You're having to do one more step than usual, a step which should make you
feel more comfortable about typing in your credit card details. You have
previously picked the password, so no one else knows it ... and you're
basically just being asked to prove it's really you who is using your credit
card.

I use my credit card online several times a week in various places ... all
of which (apart from the aforementioned Amazon) use this system. Personally,
I would be more likely to be concerned with a site that hasn't adopted this
than with one that has.

We've been here before. People were up in arms about having to remember a
pin number so they could shop at Tesco, instead of just signing a little
slip of paper. Yet everyone is used to it now, and would probably sneer at
those (few) shops who haven't adopted this format (God, I have to sign
something!!!). This will be the same, I assure you ... in a short space of
time.

theUKdude