Does anyone know of any issues with using the last 4 digits of a customer's social security number as the default for a passcode??? (i.e. telebanking)

Thanks in advance for your response!!

Anyone????

I haven't been on this particular forum in quite awhile, so I apologize for the late response.

The main issue that I see is that the last 4 SSN is a really poor safeguard. The only saving grace would be IF the system forced the customer (or member) to change the password the first time he or she accesses it.

Otherwise, the account is wide open for ID Theft takeover. I like to use the example of a receptionist at your dentist or doctor. You write a check for your co-payment and hand it to the receptionist. Between the information on your check and the information in your medical file, he or she has everything needed to takeover the account.

Specifically in CA, I believe it is prohibited:

http://www.leginfo.ca.gov/cgi-bin/displa...1798.85-1798.89

I believe the prohibition is requiring the use of the entire SSN for the password.

Ours is last 4 digits, with a required change the first time it is used.