(Bloomberg) -- One Ring to rule them all, One Ring to findthem,One Ring to bring them all, and in the darkness bindthem.—J.R.R. Tolkien

David Haas doesn't like to give out his Social Security number. He fends off all therequests he can, from doctors, credit card companies, thebureaucracy at large. In the end, it was summer camp that gothim.

Related: Cyber threats still on therise

"If the camp refuses your child because you won't divulge yourSocial Security number, you end up giving in," said the FranklinLakes, N.J., financial planner. Haas kind of caved to hisdaughter's school, too.

Don't be too hard on him. It is the number that rules usall.

Social Security numbers, which identify the retirement accounts Americans build up over alifetime of paycheck deductions, are taken in the vast majority of data breaches, includingthe massive hack Equifax Inc. announced on Thursday, simplybecause they are ubiquitous.

They're a juicy target.

Together with other basic information, like name and dateof birth, the Social Security number is a passport to aperson's identity.

Unlike a credit card number, which can be instantlycanceled, the SSN serves most people for theirentire lives, with some 496 million issued since the first batch ofcards went out in 1936.

Its use as authentication for personal accounts hasexpanded the opportunity for fraud.

The government has tried to lessen our dependenceon the Social Security number as the ultimate identifier andauthenticator—for example, some states ask for a driver's licenseor state ID on income tax forms.

Within its own ranks, the federal government is locked in astruggle to reduce the "unnecessary collection, use anddisplay" of the number. In 2007, a presidential taskforce issued recommendations to "help prevent the theftand misuse of consumer's personal information."

A decade later, on May 23, the Government AccountabilityOffice testified about a GAO progress report on executivebranch efforts to address the recommendations. Theverdict: "These initiatives have had limited success."

Among the initiatives was a proposed "alternative federalemployee identifier" on Office of Personnel Management forms. Thatwas abandoned as impractical "without an alternate governmentwideemployee identifier in place."

An estimated 17.6 million people, or some 7 percent of Americanresidents 16 or older, suffered at least one instance of identitytheft in 2014, according to the Bureau of JusticeStatistics.

And that was before mega-breaches like the ones at Equifax,the health insurer Anthem, and the Office of PersonnelManagement itself.

"We are bleeding fraud with the use of SSNs," said EvaVelasquez, chief executive officer of the non-profit Identity TheftResource Center, which helps victims of identity theft.

According to Equifax, which discovered the hole in its defensesin late July, the private information of some 143million people was compromised. In addition to SocialSecurity numbers, it includes addresses, driver’s license data, andbirth dates, as well as some credit card data.

A proposed class-action lawsuit was filed against thecompany late Thursday.

Attempts to check the SSN's proliferation have beenfailing for nearly half a century. As early as 1971, a SocialSecurity Administration task force proposed that the agency takea " 'cautious and conservative position' toward SSN useand do nothing to promote the use of the SSN as anidentifier," according to The Story of the Social SecurityNumber, on the agency's web site. No luck.

How about fingerprints? Government agencies including theVeterans Administration and the Post Office have tried them,but they came with the whiff of criminality. The baldstring of numbers seemed the more practical way togo.

In its early days, the SSN wasn't widely treated assacrosanct. In 1938, a wallet manufacturer in New York, whichwanted to advertise how well those new Social Securitycards fit into its billfold, used the actual number ofits treasurer's secretary, one Mrs. Hilda Schrader Whitcher.Mrs. Whitcher's secret identifier (078-05-1120) was soon ondisplay at Woolworth and other department stores around thecountry.

By 1943, nearly 6,000 people were using her number,according to the Social Security Administration, which voidedit. Over the years, more than 40,000 people claimed the number astheir own, and 12 people were found to be using it as late as1977.

"They started using the number. They thought it was their own,"the real 078-05-1120 said, according to a history on the SocialSecurity Administration web site. "I can't understand how peoplecan be so stupid."

Since then, many companies and government agencies, while usingSSNs internally, have at least stopped displaying them on IDcards and using them as subscriber numbers. Many useunique numbers, sent to a recognized device such as acellphone, in place of the familiar request for the lastfour digits of the Social.

Some have suggested creating individual encryption keys, sort oflike the code-generating tokens that workers use to access theircomputers from outside the office.

Another idea, a national identification card, "creeps peopleout, because it seems very Orwellian," Velasquez said.

Even creepier, she said, one frustrated consumerproposed that the government "just microchip me so youcan scan me and thieves can't dig it out of me."

Until we all get chipped, the only person who can sharplycurb the use of your Social Security number is you.

"Don't blindly provide it because you're asked for it,"said Gary Davis, chief consumer security evangelistfor anti-virus software provider McAfee.

The tricky part is that you can be denied service. The SocialSecurity Administration recommends asking why the number isneeded, how it will be used, what will happen if you refuse to giveit, and what law requires you to give the number to aprivate business.

For example, there's no legal reason you must give it toyour doctor. Doctors almost always ask for it, though,sometimes because they're using outdated forms, or forpatients on Medicare, since your Medicare number isyour Social Security number.

On income tax forms and financial accounts that wendtheir way to the Treasury Department, the ritual asking for andgiving of the Social Security number is all butinevitable.

Same with food stamps, child support enforcement programs,and state commercial driver licensing programs. Credit bureauTransUnion says the nine-digit wonder isindispensable.

"We consider the SSN to be an important part of theconsumer reporting and credit granting ecosystem, and manyregulators and consumer advocates recommend this approach, whereavailable, for accuratematching," TransUnion spokesman DaveBlumberg said in an email. "The SSN is also an importanttool in identity verification and can help lenders to detect andprevent identity theft."

Opening a bank or brokerage account requires a customeridentification number, most likely a Social Security number orIndividual Taxpayer Identity Number, according toanti-money-laundering provisions in the Patriot Act, the securitylaw passed after the 2001 terror attacks.

An auto insurer might demand the Social to ensure,say, that the credit information for an applicant is reallyfor the driver operating the vehicle.

Life insurers want it because it's a good way to find a "lost"policyholder, or find out if the policyholder has died, byconsulting the Social Security Master Death File, said LorettaWorters of the Insurance Information Institute. An SSNcan also help find beneficiaries, she said.

Still, if in doubt, ask: Why do you need it? How willyou use it? Do I really have to give it?

New Medicare cards are going out without the SSN on them,but for those over 65 the number is sitting intheir wallet. Medicare has until April 2019 tocomply with a 2015 law requiring it to create aMedicare Beneficiary Identifier.

An MBI generator will initially assign 150 million new11-character identifiers made up of numbers and capitalletters.

Hassle alert: The transition will run from April 1, 2018,through December 31, 2019, the Medicare web site says.Medicare notes that the MBIs "will not contain inappropriatecombinations of numbers or strings that may be offensive." Because,of course, that's our big worry.

The Social Security Administration is taking action, too.Americans can turn on multi-factor authentication ontheir My Social Security accounts, which have beentargeted by thieves setting up accounts using stolen SSNs tocollect benefits.

As for Haas's kids, or, more to the point, yours, theAmerican Camp Association says it doesn't require member camps togather SSNs. But browsing through camp applications online, onefinds the camper's Social, or its last four digits, in demand oncamp financial aid forms, authorization forms for medicalemergencies, and so forth, sometimes accompanied by a promiseto destroy the documents at the end of the season.

Will the U.S. ever break its addiction to the Social Securitynumber?

The Office of Personnel Management did begin exploring the useof "multiple alternate identifiers for different programs andagencies" in 2015, the GAO report said.

The idea was to collect a Social Security number just once,when an employee started working, and then use differentidentifiers for different programs, like health-care benefits. Thework was put on hold for lack of funding.

Some fear we're just going to come up with another uniqueidentifier that can be compromised, said Velasquez, of theIdentity Theft Resource Center.

But she's hoping something will happen inher lifetime. She's 45.

Copyright 2018 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.