Slashdot Mirror

← Back to Stories (view on slashdot.org)

T-Mobile Stores Part of Customers' Passwords In Plaintext, Says It Has 'Amazingly Good' Security (vice.com)

Posted by BeauHD on from the shocking-admissions dept.

T-Mobile Austria admitted on Twitter that it stores at least part of their customer's passwords in plaintext. What this means is that "if anyone breaches T-Mobile (it's only a matter of time), they could likely guess or brute-force every user's password," reports Motherboard. "If the passwords were fully encrypted or hashed, it wouldn't be that easy. But having a portion of the credential in plaintext reduces the difficulty of decoding the hashed part and obtaining the whole password." From the report: "Based on what we know about how people choose their passwords," Per Thorsheim, the founder of the first-ever conference dedicated to passwords, told me via Twitter direct message, "knowing the first 4 characters of your password can make it DEAD EASY for an attacker to figure out the rest." T-Mobile doesn't see that as a problem because it has "amazingly good security." On Thursday, a T-Mobile Austria customer support employee made that stunning revelation in an incredibly nonchalant tweet. Twitter user Claudia Pellegrino was quick to point out that storing passwords in plaintext is wrong, but another T-Mobile customer rep didn't see it that way. "I really do not get why this is a problem. You have so many passwords for every app, for every mail-account and so on. We secure all data very carefully, so there is not a thing to fear," the rep wrote back.

71 comments

  1. So much winning by Anonymous Coward · · Score: 0, Flamebait

    We’re going to win so much, you’re going to be so sick and tired of winning

  2. Why? by Roger+W+Moore · · Score: 2

    Why would you store the first four characters of every password? Obviously, it is a serious security hole but what possible use is having four letters of a password for the company itself?

    1. Re:Why? by 93+Escort+Wagon · · Score: 2

      Probably as a "hint" they can provide to the customers who call and say "Help! I don't remember my password!" However that is an extremely stupid position to take.

      Also, this quote was mind-boggling:

      "I really do not get why this is a problem. You have so many passwords for every app, for every mail-account and so on. We secure all data very carefully, so there is not a thing to fear"

      This person responded to a question regarding a demonstrably insecure practice basically with the tautological claim "it's not a insecure practice because we don't do insecure practices"?!

      --
      #DeleteChrome
    2. Re:Why? by ZorinLynx · · Score: 1

      This is definitely NOT a good reason to do this, but it's a possible explanation.

      Some password policies have a rule that says your password can't be too similar to your last few passwords. It's easy to determine if your new password is similar to the last one, because you just entered the last one to change it. But without saving part of the plaintext there's no way to know (if a good hash algorithm is used) if the new password is similar to one used two passwords ago.

      So maybe they're using to try to enforce a misguided password changing policy. Either way, it's a horrible idea.

      Note: If ANY site forces a password change and denies it because the new password is too similar to "a previous password" and it's NOT the old password you JUST entered to change, it means they're storing passwords in plaintext somewhere or using a reversible hash. Some sites will save several old hashes but this will only deny a password if it perfectly matches the previous one.

    3. Re: Why? by Anonymous Coward · · Score: 1

      So the rep can say...i see the first four letters of your password are "abcd", please confirm the rest for me so I can better assist you. ðY

    4. Re: Why? by Anonymous Coward · · Score: 0

      So the rep can say...i see the first four letters of your password are "abcd", please confirm the rest for me so I can better assist you. ðY

      Perhaps you could provide some proof to back up this crappy theory that I've never heard used anywhere.

    5. Re: Why? by Anonymous Coward · · Score: 0

      I don't think it's the password for the online portal but for the support verification. Still a stupid idea but not as horrible as some of the comments make it to be.

      Further they 2 factor authenticate you as well so if someone was determined, T-Mobile wouldn't be the one to blame about your poor data security practices

    6. Re:Why? by Anonymous Coward · · Score: 0

      Why would you store the first four characters of every password?

      Storing any of a password in plaintext isn't for any actual security purposes, that's for sure.

      This will be for some idiotic "convenience" use, but there's no defensible reason to have any part of a password stored in the clear.

      Whoever did that was incompetent when it came to security.

      Anybody who does this and claims to have excellent security is too stupid to be working in anything even remotely resembling security.

      If I have the first 4 characters of your password, and know the length, you've reduced my search space by orders of magnitude -- to fairly trivial brute force techniques in fact.

      That's ridiculous.

    7. Re: Why? by Anonymous Coward · · Score: 0

      There's no need to store the old password to do a similarity check. Just try modifications of the new password and compare to the old hash.

    8. Re:Why? by Anonymous Coward · · Score: 0

      1234 guess the last one --- hint : using the same for my luggages

    9. Re:Why? by Zontar+The+Mindless · · Score: 1

      Already tagged this story with famouslastwords.

      --
      Il n'y a pas de Planet B.
    10. Re:Why? by Anonymous Coward · · Score: 0

      Anus.

    11. Re: Why? by Anonymous Coward · · Score: 0

      You know that changing just one letter will produce completly different hash?:)

    12. Re: Why? by Anonymous Coward · · Score: 0

      This is stupid but nothing new in Austria and Germany. My provider (3 Austria) , does pretty much the same from what I can guess when you need to use their recovery service or they ask you for parts of your password. Not to mention the password length is limited to 6 characters or so, because people forget it all the time.

    13. Re:Why? by Calydor · · Score: 1

      So save the OLD, no longer valid password for future comparison purposes.

      Still a terrible idea (Oh hey, this one was 'sickofthis13', let's try 'sickofthis14') but better than keeping part of an active, valid password open for anyone to see.

      Imagine if you found out that Trump's password started with 'make*****************' ... what do you think the full password is?

      --
      -=This sig has nothing to do with my comment. Move along now=-
    14. Re:Why? by alex3772 · · Score: 1

      They store it for authentication via telephone. If a customer calls them he has to authenticate himself by giving the call center operator the first four digits of the password.

    15. Re:Why? by Anonymous Coward · · Score: 0

      Imagine if you found out that Trump's password started with 'make*****************' ... what do you think the full password is?

      Obviously it would be "makethemgrabthembythepussy"

    16. Re:Why? by Anonymous Coward · · Score: 0

      To make it easier for hackers to break into it of course.

    17. Re: Why? by TheRaven64 · · Score: 1

      His idea is that you start with the new password, unhashed. Then you permute it in various ways and hash it. If any of these permutations gives the old hash, then you reject it. If not, then you hash it, store it, and scrub memory very carefully to erase all copies of the permuted unhashed password.

      --
      I am TheRaven on Soylent News
    18. Re:Why? by Anonymous Coward · · Score: 0

      Still not necessary to be storing plaintext. You could have two hashed forms. One is first four, one is the full thing. Call center agent's form is hashed and hashes are compared on the server.

    19. Re: Why? by Anonymous Coward · · Score: 0

      This is the most retarded thing i've ever heard.

      In no way is it ever a good idea to store any passwords without securely hashing them. Shouldn't keep records of old passwords either. When you are compromised then the old passwords leak, which can be bad for the users in the long run.

      There is zero good reasons to store old passwords.

    20. Re: Why? by Anonymous Coward · · Score: 0

      That is not possible, login passwords are not stored and you need to reset password if you forget it. There is also other password used for contact center etc that is written on the contract, that is handled differently.

  3. Uh oh by Anonymous Coward · · Score: 0

    Famous last words.

    1. Re:Uh oh by Z00L00K · · Score: 1

      T-Mobile is now a prime hacker target.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  4. Nothing like painting a target on your back by slickwillie · · Score: 1

    I think some (Russian) crackers might take this as a challenge.

  5. That's outrageous by DigitAl56K · · Score: 1

    T-Mo have had problems with number hijacking/SIM-re-issue, malicious porting out of numbers to other networks, and now I find that they're storing passwords partially in plain text?

    What the actual F, T-Mobile?!

    1. Re:That's outrageous by DigitAl56K · · Score: 1

      Update: T-Mobile reps are denying storing them in plain text on Twitter so this may be a miscommunication gone out of hand.

    2. Re:That's outrageous by Anonymous Coward · · Score: 0

      T-Mo has had. You pigeon fucker.

    3. Re: That's outrageous by Type44Q · · Score: 1

      You pigeon fucker

      That just doesn't have the right ring to it, I'm afraid.

    4. Re: That's outrageous by retchdog · · Score: 1

      That just doesn't have the right ring to it, I'm afraid.

      hey, any cloaca will do in a pinch.

      --
      "They were pure niggers." – Noam Chomsky
  6. conference dedicated to passwords. by phantomfive · · Score: 1

    I feel like an entire conference dedicated to passwords is maybe a little too specialized. Apparently enough people disagree with me, though. I wonder what kind of research they are doing.

    --
    "First they came for the slanderers and i said nothing."
  7. That's not really how passwords are cracked by h33t+l4x0r · · Score: 2, Interesting

    knowing the first 4 characters of your password can make it DEAD EASY for an attacker to figure out the rest.

    Assuming the password database is leaked and someone wants to crack *just yours* I suppose they'll get it faster.
    But if you used a good password it won't happen for a long time and by then hopefully you will have been alerted to the leak.

    1. Re:That's not really how passwords are cracked by complete+loony · · Score: 1

      Lets assume your password is made up of random characters from the entire 90(ish) printable ascii characters. An 8 character password has a 1 in 10^15 chance of any guess being correct. A 4 character password is only 1 in 10^7.

      Chances are that your password doesn't use the entire character set, and probably contains a word to make it more memorable. So that the remainder of your password is partially predictable from the first four characters, which is even worse.

      Sure you'd probably have to hack the password cracker's code to work with these prefixes, but that shouldn't be too hard.

      --
      09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
    2. Re:That's not really how passwords are cracked by Anonymous Coward · · Score: 0

      > if you used a good password

      Well that right there is an assumption that will absolutely, positively, 100% without a doubt never backfire.

    3. Re:That's not really how passwords are cracked by h33t+l4x0r · · Score: 0

      Let's assume the passwords get cracked all at once. Against a dictionary or brute force, the easy ones will get cracked right away. The medium ones will take longer. The good ones will take forever. The first 4 being saved in plaintext doesn't really change that.

    4. Re:That's not really how passwords are cracked by complete+loony · · Score: 1

      Reducing your password strength by 10^7 is huge. Even the most intensive brute force search will crack passwords 10 million times faster.

      --
      09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
    5. Re:That's not really how passwords are cracked by Anonymous Coward · · Score: 0

      The thing is that password strength increases exponentially, exposing 4 characters is a massive reduction in password strength.

      a random 16 character password is practically impossible to bruteforce, a 12 character one is not.

    6. Re:That's not really how passwords are cracked by Dutch+Gun · · Score: 1

      and by then hopefully you will have been alerted to the leak.

      Companies have been known to sit on this type of information for many months, sometimes even *years*, so I'm not sure that's something we can rely on.

      --
      Irony: Agile development has too much intertia to be abandoned now.
    7. Re:That's not really how passwords are cracked by AHuxley · · Score: 1

      Set a limit on the length of password actually used internally :) Let user type in a poem every time and have it accepted within the GUI.
      A small set of data in plain text just got the time needed way down if the actual used pw length is near the plain text.

      Add in years of discovered word lists and that time could go down more.

      --
      Domestic spying is now "Benign Information Gathering"
    8. Re:That's not really how passwords are cracked by h33t+l4x0r · · Score: 1

      Except that it doesn't do that in most scenarios. It only does it if the data has been leaked and someone wants your password specifically out of the millions that were leaked.

    9. Re:That's not really how passwords are cracked by complete+loony · · Score: 1

      If passwords have been salted, every password must be attacked separately anyway.

      To put this in plain english, leaking 4 characters of the password might reduce the attack from something google couldn't do, even with all of their available CPU's, to something you can easily do on a single raspberry pi. That's the difference in computational complexity we're talking about here.

      Yes, obviously this requires a data leak, and breaking the "encryption" method on the stored password fragment. But that's why we hash passwords anyway.

      --
      09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
  8. Front line reps clueless by cascadingstylesheet · · Score: 1

    Front line reps clueless, news at eleven. Maybe they use the first four for phone identity verification?

  9. "AT LEAST" part... by jtara · · Score: 4, Funny

    Reading between the lines, it sounds like they store the entire password in plain text.

    Hello Claudia! The customer service agents see the first four characters of your password. We store the whole password, because you need it for the login for http://mein.t-mobile.at/

    Now, it might be that the agent doesn't understand that passwords aren't normally stored in plain text. You don't "need" to store passwords in order for users to log-in with their password. But that's hard for non-technical people to understand.

    They had to go out of their way if they've stored the first four characters in plain text! They'd need an additional attribute in a database table just for that, and I just can't imagine this happening without every developer within shouting distance noticing and objecting. There would have to be a very good reason, and there would have to have been a great deal of discussion and justification.

    I would love to hear the "why" if this is actually the case.

    You don't need the password in plain-text to deal with lost passwords. You have a protocol for the customer to prove their identity, and then you provide a way to reset the password - whether directly by the customer or manually be a customer service rep.

    Please, every T-Mobile customer: please change your password RIGHT NOW to f*** + 12 random characters!

    1. Re:"AT LEAST" part... by Koutarou · · Score: 1

      For certain types of authentication you do need to store plaintext passwords - the traditional two types of logins used for dialups/pppoe are PAP and CHAP. PAP allows you to have password hashes on the auth server but transmits plaintext on the wire/air. Conversely CHAP hashes on the wire/air but requires the plaintext password to be available on the auth server due to the nature of the protocol. You choose your points of vulnerability.

    2. Re:"AT LEAST" part... by Anonymous Coward · · Score: 0

      For certain types of authentication you do need to store plaintext passwords -

      They can always be encrypted and authenticators can always later decrypt as needed to authenticate users.

      the traditional two types of logins used for dialups/pppoe are PAP and CHAP. PAP allows you to have password hashes on the auth server but transmits plaintext on the wire/air. Conversely CHAP hashes on the wire/air but requires the plaintext password to be available on the auth server due to the nature of the protocol. You choose your points of vulnerability.

      Agility in authentication protocol choice is a good reason not to hash passwords. Another good reason is hashing simply doesn't work. End users always pick sucky passwords with insufficient entropy to withstand brute force campaigns.

      There is no inherent security tradeoff between plaintext storage and authentication protocol strength. A really shitty example is Windows systems store password hashes in NT OWF form and this doesn't preclude the use of (Microsoft) CHAP.

      All CHAPs including Kerberos are SHIT and should never be used. It's all quite worthless nonsense the same story with hashes and modern day amplified salted schemes everyone is in love with. They are not an acceptable solution to protecting passwords. Using the fact passwords are hashed as an insurance policy is as indefensible a strategy as storing plaintext passwords. Why? BECAUSE USERS ALWAYS PICK SUCKY PASSWORDS.

      The use of any and all CHAP based authentication protocols regardless of the selection of cryptographic algorithms comprising the protocol expose users to brute force campaigns and therefore should NEVER be considered fit for purpose.

      Real authentication protocols not fundamentally broke such as ZKP based PAKEs also don't require plaintext access. They only need a verifier to be generated which is semantically equivalent to a hash. While the verifier can't be reversed without a brute force campaign and can't be used to gain access it CAN be leveraged to defeat mutual authentication property putting users at risk of unwittingly communicating with the WRONG party.

      Therefore even when using a secure authentication protocol and even when operating under the delusion that hashing is an acceptable security measure you still must protect the "hash" from compromise. This generally means use of reversible encryption and single function authenticators isolated from applications. This is really what everyone here should be advocating instead of more insane bullshit about "secure" Pbkdf2.

    3. Re:"AT LEAST" part... by Anonymous Coward · · Score: 0

      I fail to see that hashing passwords is an indefensible strategy. Your claim that users always pick sucky passwords is false. I will grant that the proportion of users who use good passwords is very low, but I, and I expect you as well, would be counterexamples.

      Having a long and strong password or passphrase hashed in the database means it is not a trivial feat for an attacker to use your credentials. They might be able to bruteforce a non-zero number of users with these strong passwords, but accessing them all would be infeasible. However if the passwords are in plaintext then attackers would have free reign over all accounts.

      Hashing the passwords is thus a practice that can benefit some of the users. Moreover the cost of implementation is insanely low, so not hashing the passwords is really indefensible strategy.

    4. Re:"AT LEAST" part... by pD-brane · · Score: 2

      please change your password RIGHT NOW to f*** + 12 random characters!

      I don't understand. "T-Mobile" are not 12 random characters.

  10. Don't lots of sites do this? by mattventura · · Score: 1

    I sear every bank has some characters you can't use in a password and/or an unreasonably short maximum length, leading me to believe that there are far too many sites that either store in plaintext or have other glaring security flaws like not escaping user input.

    1. Re:Don't lots of sites do this? by phantomfive · · Score: 1

      Banks seem to favor "following the rules." Following the rules doesn't yield good security in software, because we haven't found the right rules yet. It's still a game of cat and mouse.

      "Following the rules" works for physical security, and accounting for thousand of other peoples' money, but we've had literally thousands of years to figure out what rules to follow in those cases. Following outdated rules in computer security is bad practice.

      --
      "First they came for the slanderers and i said nothing."
  11. It's so easy to do it right by Tinsoldier314 · · Score: 1

    It's weird, I mean, it's like 3 lines of C# (and probably many other languages) to convert a string to a secure Pbkdf2 hash. Add some bounds checking and other DB nonsense (for a whole separate DB column for the password parts presumably?) and their approach is even more complex to implement. I'm sure someone could do it all in one line, the point is it's not hard to do it right, it's not like they saved hundreds of man-hours. It's like no one even cared.

    1. Re:It's so easy to do it right by WaffleMonster · · Score: 1

      It's weird, I mean, it's like 3 lines of C# (and probably many other languages) to convert a string to a secure Pbkdf2 hash.

      Pbkdf2 is only as "secure" as the password it protects.

    2. Re:It's so easy to do it right by Tinsoldier314 · · Score: 1

      Well in this case Pbkdf2 would provide at least 10,000 to 50,000 times more protection than their approach for the same password.

    3. Re:It's so easy to do it right by WaffleMonster · · Score: 1

      Well in this case Pbkdf2 would provide at least 10,000 to 50,000 times more protection than their approach for the same password.

      So what?

    4. Re:It's so easy to do it right by Tinsoldier314 · · Score: 1

      So what?

      Not sure if you're trolling, unaware or making some sort of pedantic argument. Key stretching and adaptive hashing are considered best practice and here's a couple references to read up on including some from TFA. These solutions will partially mitigate the impact of weak passwords.

      http://plaintextoffenders.com/...
      https://codahale.com/how-to-sa...
      https://nakedsecurity.sophos.c...

  12. Re:bank "passwords" by jtara · · Score: 1

    It's not the same. And I wish they wouldn't call it a password.

    Many banks offer an additional level of protection, by allowing you to add a "password" to your account that you will be required to recite when contacting them by phone or doing business in an office.

    It has nothing to do with your online account password.

    Obviously, in order for the teller to verify it, they have to be able to see it.

    Maybe T-Mobile used the first 4 characters of your login password for this purpose. If they did, it is BIZARRE and stupid!

    You might argue that the "teller password" is an even worse practice. But this is supposed to be used only after they've already verified picture ID (at least in branch). On the phone, there still will be the usual verification steps before they ask for the password.

  13. Cant guess mine! by darkain · · Score: 1

    My first four letters are "pass"... And I bet you already guessed wrong what my 8-character password is! Its really "passmark", because I love benchmarking so much.

    1. Re:Cant guess mine! by novakyu · · Score: 1

      I might have believed you if you were an AC. But alas, you are not an AC and I can't believe you are that stupid.

  14. What's even worse by jetkust · · Score: 1

    Is that they force you to sign up to a pointless account in the first place. There's a phone number, device ID, and a sim card. Why is this necessary? I'm prepay, and everything was fine without the idiotic accounts.

  15. beer by Anonymous Coward · · Score: 0

    "What if this doesn't happen because our security is amazingly good?" ... challenge... hold my beer !

  16. Interestingly enough by Kojow777 · · Score: 1

    T-Mobile doesn't see that as a problem because it has "amazingly good security."

    Only a few months ago T-Mobile's websites had a major security hole allowing hackers to access all kinds of information about users:

    https://www.engadget.com/2017/...

  17. This is crazy by Anonymous Coward · · Score: 0

    As an admin I would be effectively executed for doing anything like this. How could such a big corporation do something so stupid?

  18. Quadruple damages by Anonymous Coward · · Score: 0

    For such breachs damages awarded should be quadripuled - compounding of other.
    plain text, park plain test need the sternest punishment for slackness.

    1. Re:Quadruple damages by Anonymous Coward · · Score: 0

      Zero times four is still zero. Oh wait no, maybe they will give you four years of identity protection instead of one. That is the typical "prize" for a company losing your data, right?

  19. But they've been hacked. A lot. by PeterGM · · Score: 1

    There have been a string of security screwups from T-Mobile. From severe bugs to straight up data theft.

    https://it.slashdot.org/story/18/02/23/2118227/critical-t-mobile-bug-allowed-hackers-to-hijack-users-accounts
    https://www.engadget.com/2017/10/11/t-mobile-website-flaw-social-engineering-hacks/

    A quick search for "T-Mobile data leak" provided numerous results to several instances. If this is their idea of "amazingly good" then yeah, I guess it is. After all "amazingly good" isn't exactly an empirical measure, it's sitting right in the middle of subjectivity. There are a lot of adjectives that are better than "amazingly" or "good", and maybe "amazingly good" is how they choose word the description of the their level of terrible security.

    --
    There are no stupid questions, just stupid people.
  20. Password lenght by Anonymous Coward · · Score: 0

    I constantly have password oddity issues.
    Must contain upper/lower case digits + a special character.
    But can only be 12 characters long.

    That's idiotic. They (should be) hash it anyway, so if I want my password to be the entire text of war and peace, that should be fine.

  21. How about... by Anonymous Coward · · Score: 0

    How about, you have been placed on notice that this is not a best practice, so henceforward if anything untoward happens your customers have very solid grounds to win a negligence suit.

  22. How about storing your ssn in a similar manner. by Anonymous Coward · · Score: 0

    I had a no contract phone with a company and I'm pretty sure they displayed my complete social security number at the computer used to make my payments. That's how I figured out the default number for people who don't have one.

  23. T-Mobile security SUCKS!!! by Locke2005 · · Score: 2

    Despite giving them instructions that all orders should use the password I selected, T-Mobile allowed some tweaker that stole my phone info out of my car to call their phone payment system and make 11 approximately 11 dollar payments to my account, each with a different stolen credit card number, presumably to test the numbers and see if they had been deactivated yet. I immediately called T-Mobile to inform them there had been a mistake, and other people's money had been deposited to my account, and they should reverse the transactions. They're response? "We can't do anything about those transactions until the card owner complains to us, and we can't even tell you any information about the accounts used for the payments because of privacy!" Seriously??? Of course, as the card holders noticed the fraudulent transactions, T-Mobile started fining me $35 for each transaction that didn't go through, then insisted that all payments be made IN CASH in person at a T-Mobile store since they couldn't trust me after all those payments I made didn't go through! That was after their customer support insisted the problem was with my bank and I needed to clear it up with my bank despite my repeatedly telling him none of the bad transactions were made from my account. He then made a note on my account saying "customer refused to cooperate" and hung up on me. So I switched to AT&T.

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
    1. Re:T-Mobile security SUCKS!!! by Anonymous Coward · · Score: 0

      "We can't do anything about those transactions until the card owner complains to us, and we can't even tell you any information about the accounts used for the payments because of privacy!"

      Huge problem in today's digital world: malicious virus ad injection, traceable spam and credit card fraud isn't stopped; spoofing caller ID for crime continues; thieves keep on re-activating stolen phones without your police report landing them in jail, etc.

      To the corporations, since a step 2 hasn't happened to ME yet (despite being closely related to my reporting a step 1... then I cannot pursue it to a resolution for me and others nor receive any guarantees of them looking for a root cause. Few users care are aware or care enough to report problems, let alone raise a stink to the level of an expensive lawsuit to "recover" a few drops in the bucket for their individual incident.

      US organizations carefully compartmentalize clients into such low-power units that instead of solving a larger problem they can only go as far as countering this single complainer's risk (on-demand when it is too late!) via temporary credit monitoring, refunds (interest / bonus free btw), phone number rotations (retirement is a no-no and some poor sap eventually gets draws the known-short straw some months down the road). This keeps the game of whack-a-mole alive and kicking.

      Negligent policies and poor security results in us being kept from finding out exactly what thieves stole from us, when, where and how. The thief has already proven that they can impersonate us again later, but companies are too mighty to help us solve the problem ourselves.
      Had we used a time machine to erase the knowledge that there is a third-party thief, nothing is keeping us from innocently asking them to "remind us" of our accounts' "what, when, where and how" X events happened (which we now know were committed by our alter-ego).

      We would have better chances battling this willful company schizophrenia and stonewalling if a single rep were handling all the calls and emails for our account. Large companies sometimes assign technical account managers to B2B relationships, for example... fostering a more personal relationship when lots is at stake. They are courteous and aware of regular patterns, and thus more aware of oddities than hundreds of small cogs today handling issues that require more action than they are empowered to solve

    2. Re:T-Mobile security SUCKS!!! by Locke2005 · · Score: 1

      Yeah, that was another incident, when one of my credit card companies posted an unauthorized charge. "The charge was for a product delivered to an address on the east coast, but we can't tell you what address it was delivered too." Uh... you wan't me to pay for something, but you can't give me any details about the order? Sure, protecting yourself from liability when somebody decided to take justice into their own hands is more important that helping fix the problem of credit card fraud. (For the record, they _might_ release the information to law enforcement, but in my experience law enforcement isn't willing to expend any time or energy investigating. Like when thieves broke into my motorhome, I call up police and said, "When are you going to come out and investigate, they left the tool they used to break in and probably left fingerprints." and there response was, "Why would we want to do that? We gave you a report number to give your insurance company, now leave us alone!" In other words, since I didn't have theft insurance, reporting the crime to the San Jose police department was pointless, they had more important things to do than investigate the theft of somebody's luggage and CD collection.

      --
      I've abandoned my search for truth; now I'm just looking for some useful delusions.
  24. A fix by joemck · · Score: 1

    Now that we know they store the first 4 characters in plaintext, we can work around this easily enough. Simply put 1234 at the start of whatever password you want to use, and you'll have the same security as you would without the idiocy or the 1234.