Your Social Security Number: More social, less secure

The New York Times posted an article today detailing how most Americans’ Social Security Numbers are easily guessed due to an “architecture of vulnerability” that has arisen alongside the internet.

The number we’ve been told to guard with our lives and only make known when absolutely necessary for fear of Russian cybercriminals running up an eBay tab under our names- some researchers at Carnegie Mellon have found a way to crack it using cutting edge technologies… such as Facebook and MySpace. A spokesman for the Social Security Administration told the Times that citizens should “not be alarmed” by the findings because there is “no foolproof method for predicting a person’s Social Security number.

Is your SSN one of the more crackable? Researchers pointed out some areas where vulnerabilities are more likely to exist. If you were born in a smaller state, for instance, patterns in how numbers are currently issued make it slightly less difficult to guess those numbers. And if you were born after 1988, you can thank Uncle Sam for leaving your ass exposed- around that time, the government became more strict in “encouraging” parents to obtain SSNs for new familial additions.

The representative for the Social Security Administration also said plans are in place to begin randomizing new SSNs beginning next year, which is no help to any of us who are- you know- alive like, right now. While the SSA waves off the findings as something pretty much everyone knew already- oh hai guys thanks for telling us- a researcher who released the study expressed a desire for awareness regarding the system’s vulnerabilities. Alessandro Acquisti, an associate professor of information technology and public policy at Carnegie Mellon told the Times:

“My hope is that publishing these results may open a window of opportunity, so to say, to finally take action,” Mr. Acquisti said. “That S.S.N.’s are bad passwords has been the secret that everybody knows, yet one that so far we have not been able to truly address.”