> For the public system, assign to every participant a true unique identifier, r... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		arbuge on July 30, 2019 \| parent \| context \| favorite \| on: Capital One’s breach was inevitable, because we di... > For the public system, assign to every participant a true unique identifier, rather than the SSN which explicitly states should not be used as such. How do you make this proposed new unique identifier more secure than the (admittedly very unsecure) SSNs?

rocqua on July 31, 2019 [–]

Only use it as an identifier, not as a part of authentication. The issues with using an SSN as a identifier (username) are:

1) Explicitly not meant as an identifier

2) Not unique

If not for 2, then the SSN could simply be repurposed to be this identifier.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact