Tuesday, February 15, 2011

ridiculous "security"

Some of this I find personally annoying. Some of this is just plain stupid. I am speaking of the password security requirements for WSDOT's GoodToGo! electronic toll pass.

Password - 10 characters/numbers, at least one upper case character, one lower case character and one number. Password cannot contain spaces or special character.
  • OK. This isn't terrible. It's just personally annoying because my passwords are generally, but not always!) 8 characters long. Enabling special characters makes the passwords stronger, but also theoretically puts a greater burden to the developer to make sure the characters aren't special in a bad way.
Security Questions - must not contain special characters and must be at least 6 characters long and maximum of 16 characters long.
  • What is your sister's middle name (no sister)
  • What is the name of your first pet? (4 characters)
  • In what city were you born (7 characters... phew)
  • What street did you grow up on (has a space, I hope that's OK)
  • What was the make of your first car? (5 characters - about half of cars have makes less than 6 characters long)
  • What was the name of your (first) elementary school? (6 characters, woo!)
  • What is your brother's middle name? (has a special character)
This would be fine if they had security questions that worked well with these requirements. Unfortunately my options are limited. I get to use the city I was born in (which generally brings up confusion as to whether to include the state), the street I grew up on (where there's two options, and my the name of my first elementary school (which I barely remember). Great. Thanks, jerks.

Car makes under 6 characters (FAIL):
  • Acura
  • Audi
  • BMW
  • Buick
  • Chevy
  • Dodge
  • Fiat
  • Ford
  • GMC
  • Honda
  • Jeep
  • Kia
  • Lexus
  • Lotus
  • Mazda
  • Mini
  • Saab
  • Scion
  • smart
  • Tesla
  • Volvo
Cars with makes 6 characters or longer:
  • Aston Martin
  • Bentley
  • Bugatti
  • Cadillac
  • Chevrolet
  • Chrysler
  • Ferrari
  • Hyundai
  • Infinity
  • Jaguar
  • Lamborghini
  • Land Rover
  • Lincoln
  • Maserati
  • Mayback
  • McLaren
  • Mercedes
  • Mercury
  • Mitsubishi
  • Nissan
  • Porsche
  • Rolls-Royce
  • Spyker
  • Subaru
  • Toyota
  • Volkswagen

