Monday, August 8

Recruiting Systems: Inviting a security breach

I'm doing a little job hunting, and running into more than a few hosted recruiting systems.

Mostly they seem to be the main applicant entry point for larger companies. Especially below the SVP level. I just ran into one that has a terrible risk in progress.

The product is called AppOne.com by HR Services, Inc.

On the first page where most systems login using a email address, you enter BLIND, your social security number, including the dashes, twice.

Talk about the poor design!
  1. Use of a Social Security Number
  2. Requiring the dashes separating numbers
  3. Echoed as *********** rather than ***-**-****

With the repeated breaches of security, and identity theft, you'd think they would change it to the more routine email address. (They do collect that information later.)

It's just plain hard to get that information in correctly every time. And you will need to enter that information for every job applied for.

I'll be finding more examples as I go through the job application process, so tune in again. If you've got a terrible job hunting site, let me know. I'd like to see it.

0 Comments:

Post a Comment

<< Home