by ajmurmann 3194 days ago
I would definitely be wary of using the same answer in multiple places. Even more so than with passwords. These stupid answers clearly get stored unhashed (how else would they be verified via phone?). So if the system gets compromised, the attacker now has your security question response for multiple targets.

Other than being pronounceable, I see the exact same requirements for security questions as for passwords. If anything they need to be stronger.
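
An added example, not part of the comment above: one way to treat security answers like passwords is to generate a random, pronounceable answer per site and to audit a stored set of answers for reuse. The syllable alphabet, the 72-bit default, the function names and the sample vault are assumptions constructed for this illustration.

```python
import math
import secrets

# Assumed alphabet: consonant + vowel syllables are easy to read over the phone.
CONSONANTS = "bdfghjklmnprstvz"  # 16 choices
VOWELS = "aeio"                  # 4 choices
BITS_PER_SYLLABLE = math.log2(len(CONSONANTS) * len(VOWELS))  # 64 syllables


def pronounceable_answer(min_bits=72, syllables_per_word=3):
    """Return a random answer carrying at least min_bits of entropy."""
    count = math.ceil(min_bits / BITS_PER_SYLLABLE)
    syllables = [secrets.choice(CONSONANTS) + secrets.choice(VOWELS)
                 for _ in range(count)]
    words = ["".join(syllables[i:i + syllables_per_word])
             for i in range(0, count, syllables_per_word)]
    return " ".join(words)


def answers_for(keys, min_bits=72):
    """Generate one independent answer per (site, question) key."""
    return {key: pronounceable_answer(min_bits) for key in keys}


def find_reuse(vault):
    """Map each answer used on more than one site to the sites sharing it.

    Answers are compared case-insensitively with whitespace collapsed,
    since a phone agent would accept either spelling.
    """
    sites_by_answer = {}
    for (site, _question), answer in vault.items():
        normalized = " ".join(answer.lower().split())
        sites_by_answer.setdefault(normalized, set()).add(site)
    return {answer: sorted(sites)
            for answer, sites in sites_by_answer.items() if len(sites) > 1}


# Constructed sample: the same pet name reused on two sites.
SAMPLE_VAULT = {
    ("bank.example", "First pet?"): "Fluffy",
    ("mail.example", "First pet?"): "fluffy ",
    ("shop.example", "Mother's maiden name?"): "kodiba simoru",
}

if __name__ == "__main__":
    print(find_reuse(SAMPLE_VAULT))
    print(answers_for([("bank.example", "First pet?")]))
```
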