Security Without Idiocy, Part 2.5
I was trying to look up my pay rate on an internal site at work. I had not logged in recently, so I could not recall my password. No problem, there's a "send me my password" link. Only, it takes three to four weeks and sends it by snail mail to my home address. I recognized this as a so-called security feature.
Now, I am presently over 2700 miles away from home, on the other side of the country. If I was home, I could just read it off of my pay stub. But that isn't what bothers me the most: what happens each year in March and April? Thieves steal tax refund checks from mailboxes. What is one of the ways identity thieves get your information? They steal those unsolicited credit card approval offers from your mailbox.
What are some alternatives? Send it to my internal e-mail address, where only I can pick it up. Call my telephone number (in my personnel records). Call my next-of-kin (in my personnel records) to find out how to get it to me. Tie it into the login name & password I already have. Call the office nearest my home and ask someone there where I am. Just do not send supposedly secret information in a way that may or may not arrive and then once it arrives, may or may not be stolen before I collect it.
Entry filed under: Society.