SSNs and User Authentication
Russell Henning
rhenning at fsc.follett.com
Tue Nov 4 08:25:23 EST 1997
Kathy writes:
"...three librarians mentioned that they thought it was
*illegal* to use the social security number for user
authentication."
It's not illegal, otherwise the insurance companies, credit card
companies, etc., couldn't ask you for it. However, if you're
interested in protecting your patrons' privacy (and I know you
are), you won't use 'em.
Credit card fraud is exploding. All that's needed is a name,
SSN, and some other bits of info and you're somebody else. I'm
sure you've all heard the horror stories regarding how long it
takes the Credit Bureau-crats to clear up a wrongfully-sullied
credit record.
Don't give your SSN to any non-government, non-work-related
entity; likewise don't ask anyone for it.
Russ
rhenning at fsc.follett.com
More information about the Web4lib
mailing list