Bugtraq mailing list archives

Re: User Alert: E*TRADE Usernames and Passwords Remotely Recoverable


From: Bridgette Julie Landers <julielanders () YAHOO COM>
Date: Mon, 25 Sep 2000 17:39:26 -0700

James Mancini wrote:
'When I pointed out the weak passwords to them, their
response was "no one else complained."'

In November 1999 a co-worker of mine had complained
...  very loudly.  He raised the issue through three
levels of escalation ... call customer service, get
unsatisfactory answer "that's the way it is", demand to
speak to manager, rinse, repeat.  At the third level of
E*Trade management they said that they were in
compliance with SEC security regulations and therefore
need not change anything.

So unless James complained prior to Nov. 99, the
E*Trade representative who told him that was either
ignorant or lying.

Also note that E*Trade OptionsLink accounts can have
longer passwords (12 chars?) but that the passwords
can only consist of decimal digits.  But I guess if
it's good enough for a voicemailbox it's good enough
for billions of dollars of other people's money.

