by gry
3180 days ago
In 2005, Bruce Schneier noted the purpose is to provide a fallback password[1] if the primary password was forgotten, but the reality is, security questions are a much less secure protocol than passwords themselves. While on a personal level you can fix this by using a password manager and generating another random string as an answer, other cute and terrible implementations like United[2] (calling you guys out) obliterate it, making yet another terrible, horrible, no-good secondary protocol. Why companies use them is because the Powers That Be(TM) believe it to be a secure protocol. They localize the problem to themselves, and since they haven't been exposed using their mother's maiden name, it's good enough. Also, everybody else uses security questions, even our competitors, so we have to be at least as secure as them, right? The key phrase is "at least". Then you are equivalent in policy and protocol; certainly not more secure. :D

[1] https://www.schneier.com/blog/archives/2005/02/the_curse_of_...

[2] https://www.united.com/ual/en/us/account/enroll/default
Mother's maiden name was one of the fields. This seemed intrinsically insecure. So I filled out 'banana' and made a mental note. The bank actually called home, I was not home, said the field hadn't been filled out, and requested the information from a family member.
I was stunned.