Hacker News new | past | comments | ask | show | jobs | submit login

To be fair, it seems like it would be very difficult to guarantee you own the account without access to your email or phone number.



They wouldn't even give my parents' account back when I offered to send pictures of their drivers license / social security cards / passport in. All because they forgot a dumb "secret answer" question. Yahoo has beyond terrible customer service.


How is this a terrible customer service? Sending easily faked pictures of documents is not a proof of account ownership. It's your (or your parents') responsibility to remember password or security answer, don't blame customer service for that.


At the very least, cursing at you when you ask for a supervisor, then hanging up, counts as terrible customer service. Other companies offer last-ditch methods for recovering accounts. Yahoo could too; it's not like they'd damage their shining reputation for account security.

> It's your (or your parents') responsibility to remember password or security answer, don't blame customer service for that.

It is, but it's customer service's job to help out the customers. Elderly people aren't known for great memory. It's got to be expected that people in general might not remember to update the account when they change a phone number, and might not remember the security answer that they provided years ago.


A human is behind an account. There need to be ways to recover an account when certain measures fail with non-tech savvy folk like my elderly parents. Yahoo offered no way to recover the account.


And those same methods you mention are how people get "hacked". Everything that would make it easier for your parents to recover their account also make it easier for someone to social engineer.


The H word is such a lazy excuse. Techies overestimate how much the common folk give a shit about getting hacked. 99% of the population are not celebrities.

I know a bank that purposely reduce their Internet banking security. To cater for specific elderly customers who constantly forget their password. They are not going to force their customers to walk into the bank everytime.

These accounts are at a risk of getting hacked. It's called a tradeoff. As a bank, do you want customers or not? Do you like money or not?

As for the Yahoo situation. If they gave a shit about customer service: they can accept copies of drivers licence/passport signed off by a justice of peace.


Sounds like a bank that doesn't want my business. And that's fine if that's how they want to operate. But if a company wants my business, lightening security standards is not the way to get it.


And that bank is probably in violation of PCI DSS.


You're a customer too? How much ad space do you purchase?

This might help things if you mentioned it to them...


I'm the product lose me and the customer will have nothing to match the ad against


My parents paid for the yahoo mail plus for years. But Yahoo didn't care at all. They offered no way to get the account back.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: