TMobile has begun setting up wireless networking called Hot Spot at various retail locations such as Starbuck's and Borders Books.

TMobile provides the user with a login name and password that cannot be changed by the user. The problem is that the login name is the user's TMobile phone number and the password is the last 4 of their SSN.

They do provide some CYA wording explaining that their networks do not guarantee security and that its your job to secure your data (see TMobile Security Statement).

The FAQ states that their sites do not use WEP because they feel its impractical to have a shared secret password for a publicly available network. I can't say I disagree with that.

With an inherently insecure system though, they may want to consider allowing other login names and passwords. Once someone intercepts your phone number and last 4 of your sSN, they can call TMobile and get a variety of other information (address, birth date, other phone numbers, email address, etc.) because those are the keys that verify your identity to them.