Ah, yes, there's nothing quite like a condescending representative entirely out of his depth telling you to "do the maths" to show your customers that you really care about their security and privacy. I wish you good luck in getting them to listen to you.
That entire thread was cringe-worthy. At least the last company I reported something similar to came back with "our developers are looking into the problem, and we will probably switch out the login scheme in the next few weeks". Whether they actually did it or not, who knows, but at least they acknowledged it.
I like the way that he implies that you don't have the right to complain about the 12-character limit at Stardock unless you complain to your bank about the 4-digit credit card pin limitation first.
