
IRS hacked again – say goodbye to that PIN system - wlrm
https://nakedsecurity.sophos.com/2016/06/27/irs-hacked-again-say-goodbye-to-that-pin-system/
======
nameless912
Why do we have a system that uses SSNs as passwords, rather than usernames?
Wouldn't it make _far_ more sense the other way around? That way, if your SSN
is stolen, it would be equivalent to getting your email address leaked.
Consequential, but not devastating. And then in that case you could update a
password/PIN whenever you want to.

------
themartorana
/facepalm

~~~
johnhenry
#facepalm

