And god do I hate every second of it. My bank is the worst offender, because they allow me to log in, look at my balances and everything. It is until I decide to transfer funds from savings to checking, do they suddenly decide “WAIT! VERIFY YOUR IDENTITY!”. All the while that I’m logged in!
Trying to call customer support to a car dealership to discuss changing dates on your lease? Welp, be prepared to know your child’s name, your state, your blood sample and all other shit just to reach an agent so you can ask one simple question.
Google sucks balls for this too, obviously. Can’t just simply sign in anymore, nope, gotta go find your phone and tell that, that it’s you trying to log in and then you can go in.
Not to mention the amount of fucking codes we have to enter along the way. This shit piles up, people. We waste minutes to hours, collectively, on doing this shit.
On the matter of information security, but also security in general:
Pick two.
Removed by mod
Try to campaign for and get up and running such a nationwide government issued ID system and then tell me how inexpensive it was to do. :P
Removed by mod
Most countries already have roads. That doesn’t make them inexpensive, just means the cost was already paid.
Removed by mod
Ugh no I hate logging in with my government issued id card and that weird custom certificate that needs to be manually installed. Plus i would need to get up, search for my wallet, take out the card and insert it in the reader
Do you really trust a Government to keep your data secure?
How is such a card anything other than a universal identification card, which can then be stored by all and sundry as “proof”, right until one of them gets hacked and your card needs replacing … everywhere.
I think I’ll pass.
The OPM hack a few years ago says they already can’t.
https://en.m.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach
Lol, thanks! I knew what I meant, so clearly everyone must know what I meant! :face palm:
Removed by mod
I understand your point. I’m not sure that you understood mine.
Let’s say that we do as you say. To issue the signature, the Government would need to verify your identity, which as you point out, they already can. Here’s the kicker. After verification, the signature is now linked to those same details in their systems. This makes them a massive target. One that they are ill-equiped to deal with.
That’s why I am not a fan of this idea.
The exception is password managers. It’s a very rare tool that makes things more secure and easier.
Your OS probably comes with one, and if not there are cheap or even free ones available.
That would be fine, I can live with choosing two of those for any given account.
What I hate is when the company offering the service forces its choice on me. I may be reliant on logging into some specific account without access to my phone, but then along comes company X and says “NOPE! Your account security is more important than you being able to access your own stuff. We’re completely on board with locking you out of your own accounts in the name of security.”
To be clear, I’m talking about personal accounts. Those on a network where I’m responsible for preventing a breach are another matter of course.