
Ugh. Even their 10-digit code they provide to unfreeze someone isn't very secure. It's simply today's date plus a 4-digit PIN that moves up in the order that someone signs up. For example: 090817xxx1, 090817xxx2. So my wife and I are simply two numbers apart.



Jesus. I think you can provide your own. But yeah, when the user-facing bits are this bad, you know it's nothing but garbage below. I can't believe these companies have so much power.


It's worse. It's not even a 4-digit PIN. It's the time in 24-hour format HHMM: https://news.ycombinator.com/item?id=15205579

You and your wife just did it 1 minute apart...


I can't even imagine how something like that can be implemented. Even if you put the most junior developer on this, something so serious should have been reviewed by someone. At least do a quick search on Stack Overflow or something.
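Added example, not part of any comment in the thread and not the vendor's code: the date-plus-HHMM format described above next to a CSPRNG-generated PIN, with an audit check that flags issued PINs decoding as timestamps. The MMDDYY field order is assumed from the 090817 example; all function names and sample values are constructed for illustration.

```python
import math
import secrets
from datetime import datetime

def timestamp_pin(issued_at: datetime) -> str:
    """Weak scheme as described in the thread: MMDDYY date + HHMM time."""
    return issued_at.strftime("%m%d%y%H%M")

def random_pin(digits: int = 10) -> str:
    """Hardened form: uniform draw from the OS CSPRNG, zero-padded."""
    return f"{secrets.randbelow(10 ** digits):0{digits}d}"

def looks_timestamp_derived(pin: str) -> bool:
    """True if a 10-digit PIN decodes to a real MMDDYYHHMM timestamp."""
    if len(pin) != 10 or not pin.isdigit():
        return False
    mm, dd, yy, hh, mi = (int(pin[i:i + 2]) for i in range(0, 10, 2))
    try:
        datetime(2000 + yy, mm, dd, hh, mi)  # rejects month 13, Feb 30, 25:61...
    except ValueError:
        return False
    return True

def timestamp_fraction(pins: list[str]) -> float:
    """Share of a batch of issued PINs that decode as timestamps."""
    return sum(looks_timestamp_derived(p) for p in pins) / len(pins)

def entropy_bits(candidates: int) -> float:
    """Bits of entropy for a uniform choice among `candidates` values."""
    return math.log2(candidates)

# Constructed sample data, not real PINs.
SAMPLE_WEAK = [timestamp_pin(datetime(2017, 9, 8, 14, m)) for m in (31, 32, 40)]
SAMPLE_MIXED = SAMPLE_WEAK + ["9999999999"]

if __name__ == "__main__":
    print("weak batch timestamp share:", timestamp_fraction(SAMPLE_WEAK))
    print("bits if issue date is known:", round(entropy_bits(24 * 60), 1))
    print("bits for uniform 10 digits:", round(entropy_bits(10 ** 10), 1))
    print("CSPRNG PIN:", random_pin())
```

A uniformly random 10-digit PIN decodes as a valid timestamp only about 0.5% of the time, so a batch share near 1.0 is the signal that the generator is clock-driven.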



