- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Asking about "youngest child' ( as opposed to oldest) is terrible design. I had a lot of trouble logging into an old account a while ago. It took me a few failed attempts to realize that I must have set up the recovery questions BETWEEN having my son and my daughter... so who was my youngest had changed. My youngest was 17 years old at the time this happened.
Admin
The shipping method might change the arrival date - if I need something before I leave town, I'll gladly pay the 5 bucks to get it here on time.
Admin
@Bill NoLastName: TRWTF is using your daughter's actual name (which is basically public information) rather than another randomly generated password for this kind of questions. (And keep that "name" secret, unlike Musk.)
Admin
Also, what happens when someone has another child, and the answer is now not even the same.
Admin
I think the underlining in Michael P's submission masks the real WTF - which, as far as I can see, is that they use Angular but want someone with experience of only AngularJS rather than Angular. Or it might be another one of those where the submitter knows what the WTF is and just expects everyone else to pick it up without explanation.
I'm also not sure that Cole T's is actually a WTF. Most rewards schemes have a minimum you must hit before you can take the reward. He's 55 points short of the minimum, hence it's still showing at $0.
Admin
... and the bank for still asking these stupid insecurity questions. I thought they had finally died out years ago.
Admin
I've tried that sort of thing before (use the security question as a placeholder for the real unrelated answer), but then I forget what data I made up and can't get in...
Admin
(One of) TRWTF(s) is that some sites are still using "security questions" based on easily-discovered information.
Admin
Yes but no, seeing as how it's saying that Cole's rewards are about to expire rather than that the accumulated (but insufficient) points are about to expire. Cole currently has no rewards to expire.
Addendum 2025-06-20 12:02: Note: I'm not disputing that it's a WTF, just the details of what the WTF is.
Admin
My first pets name could have been ⭎턪킯ӽそ훟녱Ꜻヤ쟿ꓕ혠≏ﮐ캔✹ℭ됌╊ꨧ⭓ﺏ휩뚪➽ⴥῳ쯥ꖨ띜Ί¬ Maybe.
Admin
Well yeah, you store that info in your password manager.
Admin
Exactly! Or switch banks to one who doesn't rely on "security" questions to "protect" their users money.
Admin
Yeah, what is it with using names for verification? I have hit that sort of stupidity before. My wife is from China--the land of short names. Her entire maiden name is only 9 Pinyin characters for 3 Chinese symbols. Her mother, likewise, had only 9. Her father had a long name, a total of 10. I do not know the actual names of most of her siblings (Within the family I am expected to use the family relationship as if I were her) but the ones I know are likewise short. I'm aware of one that has 5 characters in one of the symbols.
Admin
That first one gets me because Amazon requires all shipping address names to be of 2 blocks of 4 letters each separated by a space. Otherwise it deems your shipping address as invalid. As someone who has a 2 letter surname, it meant I cannot order from Amazon unless I change my last name.
Admin
Have you tried appending two underscores to your last name when you order? I bet the shippers will deliver it without complaint.
Admin
Presumably you mean "two blocks of at least four letters each"... (rather than exactly four letters)
Admin
Amazon sells worldwide. And has since pretty much the git-go. I'm surprised and dismayed that even mighty Amazon has stupid thoughtless US-centric validation rules embedded in their UI.
Admin
I'm not sure what the WTF is in the job listing. Haven't they just repeated a requirement?
Admin
Could be worse. I read of someone here in Australia whose situation improved when they officially changed their family name to be two letters long, OO - prior to that it was a single letter O. Don't care much about Amazon when you can't access government websites, banking, etc.
Admin
Yeah, one of my bugbears too. I saw a good suggestion years and years ago (sorry, can't find the site to give attribution) that if forced to use secret questions then (even in the absence of a password manager solution), you can treat them like a passphrase by picking two random words you can remember, and appending the keyword from the question itself. So for example if you've chosen the secret words "battery" and "horse", then the city you grew up in is "battery horse city", your favourite colour is "battery horse colour" and so on.
Yes, a proper password is usually better - except when the secret questions are also used as "wish it was 2FA" by customer service operators over the phone. My password manager will competently assert that my first pet was called ex@VA4Hq2VH$cSxqC3T6 correctly every time, but will the customer service rep sitting in a busy call centre?
Admin
Indeed. It was a lovely place e to spend your childhood.
Admin
The "Bootstrap for optimization of Web API's" is probably meant to be "Bootstrap for optimization of Web apps". Captain Obvious signing off.
Admin
That's a bit misleading. The name for the shipping address can be whatever you want. It doesn't need to match real info the way the billing name does. You could make it something close. Or John Smith. Or what have you. That'll be what shows on the package, same as with any other shopping site.
Admin
I had a similar security question issue when I was asked for my mother's place of birth. She was born in Ely, which is a cathedral city in Cambridgeshire, UK, but that was deemed to be too short. In the end I put Cambridge.
Admin
I took it to be the idea that Bootstrap would be of any benefit in optimizing web APIs