Insisting on security risks – revisted

A while back I wrote a post about companies insisting we put our accounts at risk by forcing us to answer silly questions that would serve as a backup in case we lose a password. You know, like what our favorite color is, where we were born, and other commonly available items.

Thanks to Bruce Schneier’s post on Secret Questions I’ve learned about some research people have done on the subject. Yep, it’s just as stupid an idea as I originally thought, and they point out something I hadn’t noticed – people often forget the answers they give. Who has the same favorite color or movie forever?

Since I wrote my post on the subject, I’ve taken to using a very long password to these questions, which are becoming increasingly popular – even with companies that should know better.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s