Ridiculous safety or not
-
I have a service provider whose site for paying my bill is ridiculous. I sign in an then watch a doughnut spin forever. Basically, I put it on a separate screen or sit down and watch a movie or two. Occasionally it will pop up a dialog asking if I am still there. My first thought is that it is some sort of VM, and my second thought is that this is BS. There are many sights that have multiple ways to ensure you are you (location, email, text, etc.). None of them require you to sit back an wait for them to eventually let you in to pay your bill. I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
-
I have a service provider whose site for paying my bill is ridiculous. I sign in an then watch a doughnut spin forever. Basically, I put it on a separate screen or sit down and watch a movie or two. Occasionally it will pop up a dialog asking if I am still there. My first thought is that it is some sort of VM, and my second thought is that this is BS. There are many sights that have multiple ways to ensure you are you (location, email, text, etc.). None of them require you to sit back an wait for them to eventually let you in to pay your bill. I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
Quote:
There are many sights
That must be spelled like this: There are many sighs :-\
-
I have a service provider whose site for paying my bill is ridiculous. I sign in an then watch a doughnut spin forever. Basically, I put it on a separate screen or sit down and watch a movie or two. Occasionally it will pop up a dialog asking if I am still there. My first thought is that it is some sort of VM, and my second thought is that this is BS. There are many sights that have multiple ways to ensure you are you (location, email, text, etc.). None of them require you to sit back an wait for them to eventually let you in to pay your bill. I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
John R. Shaw wrote:
I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
So knock up a library/plug-in for it, and charge several times what you think it's worth (if it's cheap, people won't trust it). You've put the idea out there, now, so you'd better hurry, before someone else gets early retirement from it.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Quote:
There are many sights
That must be spelled like this: There are many sighs :-\
Really, one word. I spelled sites wrong, so what?
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
-
John R. Shaw wrote:
I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
So knock up a library/plug-in for it, and charge several times what you think it's worth (if it's cheap, people won't trust it). You've put the idea out there, now, so you'd better hurry, before someone else gets early retirement from it.
I wanna be a eunuchs developer! Pass me a bread knife!
:laugh: You think I am the first person that thought of that. I doubt that cracker's are going to request more services or a change of address. But one level entry point is a security issue, no matter how you phrase it.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
-
:laugh: You think I am the first person that thought of that. I doubt that cracker's are going to request more services or a change of address. But one level entry point is a security issue, no matter how you phrase it.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
John R. Shaw wrote:
You think I am the first person that thought of that.
It's bleeding obvious but it's not ubiquitous, so either no-one has thought about doing it like that or no-one has done it. All it needs is a little div, about the same size and shape as the godawful recaptcha thing, that allows the site owner to easily wire it up to accept context-sensitive user names and passwords. Sites that currently do things like that don't exist (from what I've seen), and pre-written password-entry scripts are mostly unsafe, too simple, or so complicated to use that you might as well write your own -- and making them context sensitive would be an exercise in futility, because they only do the easy bit. You want better: write it, sell it. Don't give it away, because many business don't like trusting this kind of security to unsupported freeware.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Really, one word. I spelled sites wrong, so what?
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
You odviously have to do a site better, if your posting in the CP Lounge. People can be very critical they're.
I wanna be a eunuchs developer! Pass me a bread knife!
-
You odviously have to do a site better, if your posting in the CP Lounge. People can be very critical they're.
I wanna be a eunuchs developer! Pass me a bread knife!
Mark_Wallace wrote:
People can be very critical cynical
FTFY :rolleyes: :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
Quote:
There are many sights
That must be spelled like this: There are many sighs :-\
People Who Constantly Point Out Grammar Mistakes Are Pretty Much Jerks, Scientists Find[^] That makes you a scientifically proven jerk! :D
Best, Sander sanderrossel.com Migrating Applications to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
-
Mark_Wallace wrote:
People can be very critical cynical
FTFY :rolleyes: :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
Nelek wrote:
Mark_Wallace wrote:
People can be very critical cynical
FTFY :rolleyes: :rolleyes:
I'm sure I have no idea what you mean :cool:
I wanna be a eunuchs developer! Pass me a bread knife!
-
I have a service provider whose site for paying my bill is ridiculous. I sign in an then watch a doughnut spin forever. Basically, I put it on a separate screen or sit down and watch a movie or two. Occasionally it will pop up a dialog asking if I am still there. My first thought is that it is some sort of VM, and my second thought is that this is BS. There are many sights that have multiple ways to ensure you are you (location, email, text, etc.). None of them require you to sit back an wait for them to eventually let you in to pay your bill. I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
Something I always try to get through to telephone bill paying 'personnel'. If someone wants to pay my bill, don't worry about their ID - just take their money. I mean really!
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
Really, one word. I spelled sites wrong, so what?
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
Ok, I forgive you and must admit that even I sometimes make spelling mistakes, but hey I'm Dutch :-\ btw. bonus points for quoting Edsger Dijkstra.
-
People Who Constantly Point Out Grammar Mistakes Are Pretty Much Jerks, Scientists Find[^] That makes you a scientifically proven jerk! :D
Best, Sander sanderrossel.com Migrating Applications to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
What would this world do without jerks :-\
-
I have a service provider whose site for paying my bill is ridiculous. I sign in an then watch a doughnut spin forever. Basically, I put it on a separate screen or sit down and watch a movie or two. Occasionally it will pop up a dialog asking if I am still there. My first thought is that it is some sort of VM, and my second thought is that this is BS. There are many sights that have multiple ways to ensure you are you (location, email, text, etc.). None of them require you to sit back an wait for them to eventually let you in to pay your bill. I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
John R. Shaw wrote:
I propose a two level login. A login to pay the bill and a login to access account information. Most of the time you just want to pay your bill, so if someone compromised that password - who cares. If they want to pay the bill for you - let them.
My car and home insurance bill works like that. You only need to know the account number to pay it. Partial or full payment. Hmmmm I suppose there is a problem there. Okay, nothing to see here. Move along.
I'm retired. There's a nap for that... - Harvey
-
Mark_Wallace wrote:
People can be very critical cynical
FTFY :rolleyes: :rolleyes:
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
How did they miss "they're".
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
-
Something I always try to get through to telephone bill paying 'personnel'. If someone wants to pay my bill, don't worry about their ID - just take their money. I mean really!
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
Exactly! Who cares who is paying the bill, as long as if gets payed.
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
-
How did they miss "they're".
INTP "Program testing can be used to show the presence of bugs, but never to show their absence." - Edsger Dijkstra "I have never been lost, but I will admit to being confused for several weeks. " - Daniel Boone
Thread got in the 3rd page and they are also lazy? ;P
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
