How to Avoid the Surprising Risks of Password Security Questions

Your favorite pet’s name can be hazardous to your online security. That’s the message security expert Jim Fenton delivered in a talk I recently attended at PasswordsCon.

What makes a question like, “What is your favorite sports team?” a security risk? Isn’t answering it supposed to enhance your security? Actually, says Fenton, such questions aren’t intended primarily to enhance your security. On the contrary, Websites make you answer them because it gives them a cheap way to be able to reset your account when you forget your password.

And don’t mistake a security question for a strong security-enhancing technique like two-factor authentication, which is growing in popularity. In two-factor authentication, besides your password, the second component you supply to prove your identity must be something entirely different, such as a fingerprint or a code that the site sends to your mobile phone….


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s