This is regarding the same statewide online charter school I asked about here. This time I forgot my password, clicked to reset it, was directed to call customer support, and, upon identifying me, the customer support person spelled my old password back to me, capitalizations and all. Not only they store user passwords, they make them visible to their support staff.
Now, this is a statewide online school where I enrolled my kid to. With security that flimsy I’m afraid that of all kinds of unpleasantness coming her way, ranging from grade changes by other kids causing all kids’ grades becoming untrustworthy to stalking opportunities to financial fraud if she ever makes the mistake of using the same password at her school and her banking. BTW, they already have scans of her birth certificate and my mortgage, submitted as a part of enrollment process.
How do I deal with that? Any way to influence the charter school to step up security?
Go to Source