Monday, December 10, 2007

A new twist on passwords (a bad one)

Booking some travel at Priceline, I saw the following

This is twisted.

Not only is a password authentication equated with the type of question typically used as part of a password reset (with security supplemented through a known verified email address), but Priceline explicitly encourages the user to provide their 'preferred' password, i.e. the same one they use everywhere else.

1 comment:

Unknown said...

A good catch....a big "faux pas"