After some really interesting research results, Google is raising awareness about how unreliable "Security Questions" are for legitimate login authentication, password recovery and more.
Providers of Internet services have long asked their users to provide answers to questions about themselves which may be used for identity verification later. Typically, these questions are asked if a ... [ read the full article ]
Please read the original article before posting your comments.
there just a major annoyance, I've been using the Biggest no no passwords known to man and I've never had any account compromised ever. Needing passwords that are as long as paragraphs, they're just a turn off, if i cant use a password like Big$Billy then I'm not going to bother with your service.
One of the banks that I use let's you create your own security questions. I've selected some very obscure questions related to my childhood. The answers are easy for me to remember but would be extremely difficult for someone to guess. None of the answers involve names, places, pets, etc. Even the questions would make someone go, "Huh?".
Originally posted by aw2600: One of the banks that I use let's you create your own security questions. I've selected some very obscure questions related to my childhood. The answers are easy for me to remember but would be extremely difficult for someone to guess. None of the answers involve names, places, pets, etc. Even the questions would make someone go, "Huh?".
This is much better implementation than most of the ones I see. I wish more companies did it this way, because you'd think it was inherently problematic asking everyone the same questions which have a limited number of possible responses.
Originally posted by DXR88: there just a major annoyance, Ive been using the Biggest no no passwords known to man and Ive never had any account compromised ever. Needing passwords that are as long as paragraphs, theyre just a turn off, if i cant use a password like Big$Billy then Im not going to bother with your service.
