How do I mask SSN in a Textbox and only show the last 4 digits of SSN when I load up a page using JQuery?
+10
A:
If you're masking it with jQuery you've already got a security hole. You need to mask it server-side otherwise it's being sent unmasked across the network. That's a huge privacy and identity theft problem.
Gabriel Hurley
2009-06-22 17:41:11
Agreed. It is absolutely imperative that if your intention is to "obscure" the SSN and just show the last 4, that it is done on the server side. Otherwise, the user could simply "View Source" on your page and see the unmasked SSN.
Peter J
2009-06-22 19:02:30
+1
A:
I would go one step farther and ask "are you absolutely, positively sure that you even need the user's SSN for what you're doing?" That's a really dangerous piece of information to be collecting/storing and will get you on the wrong side of a really nasty lawsuit if you ever get hacked.
James Aaron
2010-08-21 20:08:51