Perhaps I'm misunderstanding the nature of this complaint, but it sounds like this guy is dealing with a service at which:
* Tier 1 customer service people do not have plaintext access to customer passwords, and
* Tier 1 customer service people do not have the ability to manipulate customer accounts without their passwords (and thus consent).
On the scale of security/customer-service interactions at service providers, this sounds like MONUMENTAL EPIC WIN. What exactly am I missing here?
And,
How on earth could you possibly input a password into some random text field in an application that you would not provide to the CEO of the company hosting that text field?
I'm not convinced that the Tier 1 customer support reps do lack access without the password. It just seems to me like a misguided attempt at verifying identity.
As for your second point, all that is based on trust in the company that they're not storing in plain text and opening it to the CEO...which I hope is the case for most companies. I was more trying to give a sense that I'm really not happy giving my password to any person. When it's a web form, you just have to have trust or the whole idea of passwords is broken.
In case you missed it, the subtext of my comment is that neither of those bulleted items are true for most service providers. At most large service providers, you can count on tier 1 CSA's having direct plaintext access to your password and those CSA's being a mouse click away from taking any action on your account you can conceive of.
I'm not sure I understand what the point you're trying to make is. In a hypothetical (but unlikely) world where they <really> did need my password to manage my account, this would be a poor practice to have and it should have some kind of other verification, even if it was character [x] and [y] of my password. The same applies if they don't need it really...this doesn't seem a good idea regardless.
That specific solution doesn't work. If they have access with just characters x and y of your password, then they (as good as) have your password, and access to your account.
Well, yes, but it's expected and somewhat necessary that administrators (that is, people with some kind of administrative responsibility) of online services have access to your account.
So you do not trust them with your password (that you're going to change later anyway), but you do trust them with unpassworded access to your account?
All I'm saying is that you have to have that trust, it's always going to be the basis of how customer support works in businesses like this. Requiring that you give out your password to a person is not acceptable.
Now, having seen some of the alternative systems suggested, I think I agree.
I instinctively do not want to give my password to anyone. And that's a great habit to get into, and we want regular people to get into that habit. That would make phishing less useful.
In this case it seems they're trying really hard to protect your domain from harm. But yes, I've been mostly persuaded.
* Tier 1 customer service people do not have plaintext access to customer passwords, and
* Tier 1 customer service people do not have the ability to manipulate customer accounts without their passwords (and thus consent).
On the scale of security/customer-service interactions at service providers, this sounds like MONUMENTAL EPIC WIN. What exactly am I missing here?
And,
How on earth could you possibly input a password into some random text field in an application that you would not provide to the CEO of the company hosting that text field?