Hey, security experts: should I be worried about this?
I know we have a lot of knowledgeable Wooters out there, though I'd post this:
Our company is making us print out our own W-2s online now, and they set it up so our username on this system is our first initial, last name and last four digits of your social security number (e.g. username JSMITH5309).
It seems to me that having your last-four of your SSN as a part of your username is a huge security risk. Am I wrong to be worried?