Web security in academia. Whoa! How dumb is Princeton’s admissions office to do this? And how dumb are Yale’s web application developers (or buyers, if it isn’t a custom product) to use SSN, name, and bday for login information? Um, doy? You should both be held accountable for your FERPA violations. So should my health insurer, for using my SSN as my account number, but I’m not ready to sue them for that. Yet. 😉 [kerri News]