This has been an interesting week. First, my old website provider (initial Y) decided to break my email. When I called to have it fixed, I was told it would take 48 hours. When I informed them this was their fault, they continued providing me with formulaic responses that meant nothing. So I decided to move to another provider.
Well… I did some research and decided to go to a highly rated site (initial i). Everything was fine until I entered an online chat to get help with an issue. The first thing the support person asked me for (as part of identity verification) was my answer to my secret question. Those security professionals out there know this is just plain wrong. I immediately cancelled my subscription.
My new provider, HostGator, seems to get it. I had to create a PIN instead of answering a secret question. In addition, chat sessions require me to authenticate using my HostGator credentials. This provides immediate verification without asking for information the support tech should not have.
Granted, these are small providers… unlike Amazon, Microsoft, Google, etc. However, how many people use these services to post information? How many of these sites have questionable business continuity assurance or security? For example, ‘i’ likely has other security issues if they believe asking for a customer’s secret question response is a good idea.
Oh, well. I am settling into my new website home. ‘Y’ and ‘i’ will just have to get along without me…