Actually it is obfuscation but that is not a bad thing.
Obfuscation has a bad rap but people don't actually understand it, and you see that here.
The difference between "regular" obfuscation and this randomization system is that in a regular way, /someone/ is going to know the answer, whereas with randomization, no one really knows.
It is like letting someone chase you forever. Also, if every guess comes at high risk, the probability of someone ever attempting it goes down considerably. Personally I would use this technique if I had no other recourse, but not in a normal system or situation where I would be confident enough to trust other measures.
Re: IMO you can't solve security by adding more stuff
Obfuscation has a bad rap but people don't actually understand it, and you see that here.
The difference between "regular" obfuscation and this randomization system is that in a regular way, /someone/ is going to know the answer, whereas with randomization, no one really knows.
It is like letting someone chase you forever. Also, if every guess comes at high risk, the probability of someone ever attempting it goes down considerably. Personally I would use this technique if I had no other recourse, but not in a normal system or situation where I would be confident enough to trust other measures.